Hello fellow PowerShell Engineers! I have been playing with ChatGPT’s Deep Research and thinking about my goals for this newsletter. Typically, there so many things going on in the PowerShell community that it’s hard to really get a grasp - a lot of stuff falls through the cracks. I subscribe to the TLDR newsletter for just general technology knowledge for this exact reason. I hate not knowing standard industry news. I think there is a gap that this newsletter could serve for PowerShell knowledge.

Moving forward, I will be releasing a weekly update on Mondays with news and updates related to PowerShell. This is going to be a curated letter (not just Deep Research, though that will continue to help). This one in particular may be a bit longer since it’s going back a few months to pull out releases. I never clearly defined a goal for PowerShellEngineer.com; as you all know, I have typically sent out a message that goes along with my latest video. I will be really curious to see what you all think of this new format. Thank you!

New Content

• Grok 2 vs. Qwen 2.5 Max: If you still have not seen my ongoing AI wars on who can build a better PowerShell Pokedex, be sure to check it out:

• Making Autonomous AI Agents with PowerShell: Doug Finke has a great new video out about making autonomous AI agents.

• PowerShell Podcast Talks MS Graph: Andrew breaks down MS Graph with Moreten Kristensen.

Security Updates

• PowerShell 7.5 Vulnerability Patched: Microsoft disclosed a .NET remote code execution flaw affecting PowerShell 7.5 (CVE-2025-21171). Attackers could exploit it with specially crafted requests, so admins are advised to update to the fixed PowerShell 7.5.0 release (Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability · Issue #72 · PowerShell/Announcements · GitHub). This update ensures PowerShell 7 is secured against the vulnerability.
  
  

• Secure Boot Vulnerability Mitigation: Microsoft released a PowerShell script to address the BlackLotus UEFI Secure Boot vulnerability (CVE-2023-24932). The script updates bootable media with a new Secure Boot certificate, finally closing a loophole that allowed malware to bypass Secure Boot on Windows 10/11 (Microsoft addresses Windows vulnerability with PowerShell script - Techzine Global). This proactive use of PowerShell helps protect systems at boot level.
  
  

• Fileless Malware Attacks Rising: Cybersecurity reports warn of increased fileless attacks leveraging PowerShell. Threat actors use PowerShell and other legitimate tools to load malware directly in memory without touching disk, evading traditional antivirus detection (Hackers Using PowerShell and Microsoft Legitimate Apps to Deploy Malware). Techniques include malicious iex(New-Object Net.WebClient)... commands and Living-Off-the-Land (LOLBAS) methods, highlighting the need for vigilant PowerShell script monitoring in enterprise security.
  

• New Locksmith: Jake Hildreth and Sam Erde have released an updated version of the Locksmith module (release notes).

New Features and Releases

• PowerShell 7.5 General Availability: The latest stable release PowerShell 7.5 is now GA, focusing on quality, security, and stability (PowerShell Team - Automating the world one-liner at a time…). It introduces new cmdlets, finalizes some previously experimental features, and is built on .NET 9. PowerShell 7.5 will be supported for 18 months as a standard release (PowerShell Team - Automating the world one-liner at a time…). (PowerShell 7.4 remains the Long-Term Support version, supported until Nov 2026.)
  
  

• PowerShell 7.6 Previews: Development continues with PowerShell 7.6 previews. As of late February 2025, Preview 3 was released, bringing minor improvements and updated modules like PSResourceGet 1.1.0 and PSReadLine 2.3.6 (What's New in PowerShell 7.6 - PowerShell | Microsoft Learn). These previews, built on .NET 9, allow users to test upcoming features and provide feedback before the next version ships.
  
  

• AI Shell Preview 2: Microsoft is iterating on AI Shell, an AI-powered assistant for PowerShell. Preview 2 (released in late February) added better Azure PowerShell integration and improved error handling for native commands (Announcing AI Shell Preview 2 - PowerShell Team) (Announcing AI Shell Preview 2 - PowerShell Team). It also expanded support to third-party OpenAI-compatible models (e.g. Ollama, LocalAI) so users can leverage local or alternative AI engines in their command-line workflow (Announcing AI Shell Preview 2 - PowerShell Team). These enhancements help AI Shell generate smarter responses and even auto-fix errors (Resolve-Error now captures native command errors for AI suggestions (Announcing AI Shell Preview 2 - PowerShell Team)). Users can install/upgrade the module via Install-Module AIShell and even auto-launch it in Windows Terminal for an AI-assisted shell experience.

Automation Techniques and Tips

• Using Automatic Variables: Community experts are sharing deep-dives into PowerShell’s automatic variables to improve automation scripts. For example, understanding variables like $MaximumHistoryCount or $LastExitCode can help tweak PowerShell’s default behaviors. Adam Bertram’s blog on automatic variables pulls back the curtain on how these built-in variables work behind the scenes (PowerShell SnippetRace 01-04/2025 | PowerShell Usergroup Austria), enabling scripters to fine-tune execution history, error handling, and more.
  
  

• Custom Logging in Scripts: A recurring best practice is implementing robust logging for your PowerShell automation. Instead of relying only on console output or Verbose/Debug streams, you can build a custom logging function to record actions to a file. Guides like Adam Bertram’s “Write-Log” tutorial show how to create a simple reusable logger (PowerShell SnippetRace 01-04/2025 | PowerShell Usergroup Austria). With such a logging function, you can trace what your script did (and in what order), which is invaluable for troubleshooting complex automation.
  

• Azure Automation Example – Disk Conversion: PowerShell remains crucial for cloud automation. A recent walkthrough on 4sysops detailed how to convert Azure Premium SSD v2 disks via PowerShell, a task that benefits from scripting if you need to update many VMs. In the deep-dive article, the author explains the required cmdlets and steps to perform the disk conversion in Azure (PowerShell SnippetRace 01-04/2025 | PowerShell Usergroup Austria). This is a great example of using PowerShell to perform bulk or complex cloud tasks that would be tedious through the portal.
  
  

• Community Q&A and JSON Handling: The PowerShell community is actively solving real-world problems. For instance, blog posts have tackled how to properly stringify and parse nested JSON objects in PowerShell (turning JSON into PSObjects and vice versa). Techniques for handling complex JSON serializations were discussed by community contributors in recent posts, helping scripters deal with APIs and data interchange more easily. (See Bas Wijdenes’ blog for an example of converting nested JSON to a PSCustomObject and back.) These tips collectively empower admins to write more efficient automation scripts.

Industry News and Discussions

• Azure AD Module Retirement: A major change in the PowerShell ecosystem is the retirement of the older Azure AD modules. Microsoft had deprecated the MSOnline and AzureAD PowerShell modules in 2024, and now the final retirement is underway in 2025. Specifically, the MSOnline module will stop working between early April and late May 2025, and the AzureAD module will lose support after March 30, 2025 (with full shutdown by July 2025) (Microsoft Entra releases and announcements - Microsoft Entra | Microsoft Learn). Admins must migrate any identity management scripts to the Microsoft Graph PowerShell SDK or the newer Microsoft Entra module to avoid disruptions (Microsoft Entra releases and announcements - Microsoft Entra | Microsoft Learn). This shift to Graph-based modules has been heavily emphasized in Microsoft’s communications.
  
  

• Transition Challenges (Graph PowerShell SDK): The move to the Graph SDK hasn’t been entirely smooth. The PowerShell community (including MVPs like Tony Redmond) has reported bugs and stability issues in recent Graph PowerShell SDK releases. For example, version 2.26 of the Microsoft Graph SDK had serious flaws (such as New-MgGroupMember failing due to malformed request URLs), to the point of being “practically unusable” until fixed (Graph SDK V2.26 Issues Make it Unusable) (Graph SDK V2.26 Issues Make it Unusable). These hiccups have spurred active discussions about Microsoft’s testing and release quality. While updates are addressing the issues, enterprise scripters are cautious and often pin or test module versions to ensure their automation doesn’t break during this transition to Graph APIs.
  
  

• PowerShell Conferences and Community: The PowerShell community remains vibrant in sharing knowledge. The annual PowerShell + DevOps Global Summit 2025 is taking place April 7–10, 2025 in Bellevue, WA ( DOWST.DEV | PowerShell Weekly – Your weekly round up of all things PowerShell), bringing together professionals to discuss the latest practices, security, and features. Similarly, PowerShell Conference EU has posted session recordings on YouTube – for instance, “What’s New in PowerShell 7.5!” by Jason Helmick & Sean Wheeler covers the new release’s features in depth. Community content like this (available on the PSConf EU YouTube channel) is a great way to get up to speed on recent changes. In forums and blog comments, admins are also voicing some frustration at the rapid changes (as older scripts need updating), but overall the community is adapting by exchanging tips and tools to ease migrations.

Relevant Links:

• Official Announcements: PowerShell Team’s blog posts (e.g. PowerShell 7.5 GA (PowerShell Team - Automating the world one-liner at a time…), Microsoft Update changes for PowerShell 7 (Microsoft Update changes for PowerShell 7 - PowerShell Team)) and Microsoft Tech Community updates on Azure AD module retirement (Microsoft Entra releases and announcements - Microsoft Entra | Microsoft Learn).

• Tech News: Coverage of the BlackLotus Secure Boot script (Microsoft addresses Windows vulnerability with PowerShell script - Techzine Global) on Techzine, and analysis of PowerShell-based attacks on security blogs (Hackers Using PowerShell and Microsoft Legitimate Apps to Deploy Malware).

Community Blogs & YouTube: Adam Bertram’s articles on advanced PowerShell usage (PowerShell SnippetRace 01-04/2025 | PowerShell Usergroup Austria) (PowerShell SnippetRace 01-04/2025 | PowerShell Usergroup Austria), 4sysops tutorials, and conference session videos like“What’s New in PowerShell 7.5” (PSConf EU, YouTube). These provide deeper dives and practical demos of the latest PowerShell features and techniques.