How to Disable PowerShell in Windows 11 or 10?

On Windows 11 and 10, PowerShell is a handy tool that enables you to run scripts and commands to change system settings, manage features, troubleshoot problems, automate tasks, etc.

Although it is a valuable command-line shell, you might want to disable it to ensure malicious commands or scripts could not be executed. You may also want to restrict access to PowerShell to comply with the company’s policies.

Whatever the reason it might be, Windows 11 and 10 offer multiple ways to disable access to PowerShell.

In this gearupwindows article, we will guide you on disabling the PowerShell application using the Security Policy and Local Group Policy Editor.

How to Turn Off PowerShell on Windows 11 or 10 using Security Policy?

To disable PowerShell on Windows 11 or 10 through Security Policy, use these steps:-

Step 1. Open Local Security Policy.

To do that, click on the Start button and type Local Security Policy. In the available search results, click on its name to open it.

Step 2. Then, double-click on the Software Restriction Policies branch to expand.

If no category is available under the “Software Restriction Policies,” right-click the Software Restriction Policies branch and select the New Software Restriction Policies option.

When you’re done, two categories will appear under the Software Restriction Policies branch: Security Levels and Additional Rules.

Step 3. Now, right-click on the Additional Rules and select the New Hash Rule option.

Step 4. In the “New Hash Rule” window, click on the Browse button.

Step 5. Once done, File Explorer will open. Navigate to the “%SystemRoot%\system32\WindowsPowerShell\v1.0” path and select the powershell.exe executable file.

Step 6. Click the Open button.

Step 7. Click the Apply button.

Step 8. Click the OK button.

Step 9. Again, right-click on the Additional Rules category and select the New Hash Rule option.

Step 10. In the “New Hash Rule” window, click on the Browse button.

Step 11. Once done, File Explorer will open. Navigate to the “%SystemRoot%\SysWOW64\WindowsPowerShell\v1.0” path and select the powershell.exe executable file.

Step 12. Click the Open button.

Step 13. Click the Apply button.

Step 14. Click the OK button.

Step 15. If you have installed PowerShell version 7 also and want to disable it, create another hash rule with this path “%SystemRoot%\Program Files\PowerShell\7\pwsh.exe.”

Step 16. Then, choose the Powershell.exe executable file in File Explorer.

Step 17. Click the Open button.

Step 18. Click the Apply button.

Step 18. Click the OK button.

Step 19. Reboot your PC.

The above steps will altogether disable 32-bit and 64-bit PowerShell on your computer.

How to Disable Access to PowerShell ISE with Local Security Policy?

Although using the above method, you have restricted access to the command-line PowerShell tool; users can still get around this limitation using the PowerShell ISE interface. So, to disable access to this tool with the Local Security Policy, use these steps:-

Step 1. Open Local Security Policy.

To do that, click on the Start button and type Local Security Policy. In the available search results, click on its name to open it.

Step 2. Then, double-click on the Software Restriction Policies branch to expand.

Step 3. Now, right-click on the Additional Rules and select the New Hash Rule option.

Step 4. In the “New Hash Rule” window, click on the Browse button.

Step 5. Once done, File Explorer will open. Navigate to the “%SystemRoot%\system32\WindowsPowerShell\v1.0” path and select the powershell_ise.exe executable file.

Step 6. Click the Open button.

Step 7. Click the Apply button.

Step 8. Click the OK button.

Step 9. Again, right-click on the Additional Rules category and select the New Hash Rule option.

Step 10. In the “New Hash Rule” window, click on the Browse button.

Step 11. Once done, File Explorer will open. Navigate to the “%SystemRoot%\SysWOW64\WindowsPowerShell\v1.0” path and select the powershell_ise.exe executable file.

Step 12. Click the Open button.

Step 13. Click the Apply button.

Step 14. Click the OK button.

Step 15. Restart your computer.

The above steps will disable 32-bit and 64-bit PowerShell ISE on your computer.

How to Turn Off PowerShell on Windows 11 or 10 using Local Group Policy Editor?

To disable PowerShell on Windows 11 or 10 through Local Group Policy Editor, do these steps:-

Step 1. Open Local Group Policy Editor.

Step 2. Then, browse to the following path in the left sidebar of Local Group Policy Editor:-

User Configuration > Administrative Templates > System

Step 3. On the right pane, double-click on the Don’t run specified Windows applications policy.

Step 4. Select the Enabled option.

Step 5. Click on the Show button under “Options” section.

Step 6. Then, type the following in separate lines and click OK:-

  • powershell.exe
  • powershell_ise.exe
  • pwsh.exe

Step 7. Click the Apply button.

Step 8. Click the OK button.

Step 9. Restart your computer.

The next time you try to run the disabled contents, i.e., PowerShell or PowerShellISE, you will see, “This app has been blocked by your system administrator.”

Conclusion

To conclude, PowerShell is a powerful command-line tool that enables users to run scripts and commands to manage Windows features, change system settings, troubleshoot issues, automate tasks, etc. However, there may be situations where disabling PowerShell is necessary to comply with company policies or prevent malicious attacks. Windows 11 and 10 offer multiple ways to disable PowerShell access, including using the Security Policy and Local Group Policy Editor. By following the steps outlined in this article, users can disable PowerShell and PowerShell ISE on their computers. It is important to note that PowerShell should only be disabled when necessary, and users should exercise caution when running commands or scripts to prevent any unintended consequences.

Leave a Reply