Security News > 2022 > June > Don't ditch PowerShell to improve security, say infosec agencies from UK, US, and NZ
Windows PowerShell is enormously useful, extremely prevalent, and often targeted by crooks because it offers an express route into the heart of Windows servers and networks.
Instead, the agencies recommend securing PowerShell prudently.
"PowerShell is essential to secure the Windows operating system," the agencies argue.
"Removing or improperly restricting PowerShell would prevent administrators and defenders from utilizing PowerShell to assist with system maintenance, forensics, automation, and security."
The document's first recommendation is ensuring use of PowerShell 7.2, because it improves on the previous version 5.x that shipped with some editions of Windows 10.
Enabling Deep Script Block Logging, Module Logging, and Over-the-Shoulder - three useful logging tools that can help to detect abuses of PowerShell.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/06/23/keep_poewrshell_security_advice/
Related news
- What 2024 taught us about security vulnerabilties (source)
- Canvassing apps used by UK political parties riddled with privacy, security issues (source)
- UK, US, Oz blast holes in LockBit's bulletproof hosting provider Zservers (source)
- US lawmakers press Trump admin to oppose UK's order for Apple iCloud backdoor (source)