@Gene-Action1 Action1 will flag older versions of Powershell 7 as vulnerable, but your only remediation option is document compensating controls. I would imagine there might be a set of circumstances for someone say on 7.5.1 that has to be locked to that specific version and doesn’t want to update but that can apply to any number of pieces of software. Given that Powershell downloads are not paywalled, is there a reason A1 can’t update it? I have other ways to push it, via RMM and I do, but I was just curious.
9 Spice ups
Great question!
5 Spice ups
Just one question (I am using PDQ)…..as MS says there can be different versions of PS coexist on same OS, but would it be recommended to seek and remove all versions of PS then install the latest one ?
4 Spice ups
In my experience, that’s only V2/V5/V7, unless you’re doing something abnormal when installing V7, and typically installing a newer version of 7 will replace the current.
Back on topic, though, PowerShell 7 can be updated through Winget. It’s been a while, but I believe Action1 has a built-in Winget update somewhere.
6 Spice ups
Yes, and it can also be done via MSI deployment. Just curious why A1 can’t automatically remediate it.
5 Spice ups
But do we need to update it ??
Mine (or at least all my staff should be 5.1.26100.6725 build 10….
2 Spice ups
Specifically talking about Powershell 7 here. It’s flagging 7.5.2 as vulnerable. 7.5.3 was released mid September.
4 Spice ups
I know it meant 7.x for this topic, but wouldn’t the issues also be present for other older versions as well ?
If PS 5 does not have the issues of PS 7, should we stay at PS 5 instead ?
2 Spice ups
Powershell 5.x has no new development going into it. Powershell 7 (and beyond) is the future. It’s a separate install and has to be updated just like any other software application. It does not remove/replace Powershell 5.x from your system.
Exchange Online Management module v 3.5.0 or higher requires PS 7.4.0 or later.
5 Spice ups
They’re two different products. PS5 is Windows PowerShell, the Windows-exclusive platform, and PS7 is just PowerShell (previously PowerShell Core,) the cross-platform version that Microsoft is actively going to support going forward.
In general, you’ll need both. You can’t (at least, to my knowledge) remove PS5, and there are still some cmdlets that haven’t been ported over to PS7 yet, but PS7 is what all of the development efforts are going into, and is required for working with some newer components and modules.
3 Spice ups
Correct, late to the party, but this is the answer, I will ask why PS7 is not a native package in our repo, but the co existences of 5 and 7 is completely normal.
2 Spice ups
heehee…..I saw PDQ have PS7 package and I deployed in to my lappy to test….likely remove it soon
2 Spice ups
Yes it does. I’ve deployed PS7 with PDQ before.
2 Spice ups