anyweb

64% of Microsoft Vulnerabilities Mitigated by Removing Admin Rights


As geeks, we're well aware of the importance of running as a normal user instead of as root (UNIX/Linux/BSD) or administrator (Windows). However, while this should be common knowledge to anyone reading OSNews, it's often hard to illustrate just how important it is - until now, that is. A report by BeyondTrust looked at how many security bulletins issued by Microsoft are mitigated by simply... Not running as administrator.


Despite the advances made by Microsoft on securing Windows, the fact of the matter is that the first user created on a new system is always administrator. This means that many (most?) Windows users out there are running as administrator, and as BeyondTrust's report shows - that's incredibly insecure.


Of the total amount of security vulnerabilities put out by Microsoft in 2009, across all versions of Windows and Office, 64% are mitigated by removing administrator rights. Microsoft published 190 security vulnerabilities last year, and 121 of them are thwarted by running without administrator rights.


Breaking it down per product, the figures become even more interesting. Microsoft reported 55 Office vulnerabilities in 2009, and all of them are mitigated by removing admin rights. Of the 33 Internet Explorer issues reported, 94% were thwarted by removing admin rights. For Internet Explorer 8, 100% would be. If we restrict the vulnerabilities to just Windows, we see that 53% can be mitigated by not running as admin.


The threat of the most severe type of vulnerability, the ones that would allow remote code execution, can be greatly reduced by not running as admin: 87% of them are ineffective when you do not run as administrator.


These figures show us exactly what we already knew: running as administrator is stupid, and asking for trouble. All the more reason for Microsoft to finally abolish that quaint custom of making the first user an administrator.


via > http://www.osnews.com/story/23088/64_of_MS_Vulnerabilities_Mitigated_by_Removing_Admin_Rights


I found these numbers very interesting and quite compelling until I read this part of the report:


"A vulnerability is considered mitigated by removing administrator rights if the following sentence is located in the Security Bulletin's Mitigating Factors section: 'Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.'"


I see that "could be" and it leads me to believe this all needs to be taken with a grain of salt. I'm not trying to claim running as local admin is a good idea, but this report is making some massive statistical claims based on a "could be" from Microsoft... I don't know about all that... thoughts?

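The report's counting rule quoted in the reply above, re-implemented as an added example (not BeyondTrust's or the forum's own code) over constructed sample bulletins with hypothetical ids: a bulletin only counts as mitigated when that exact sentence appears in its Mitigating Factors text, so a reworded mitigation (EX-4) is not counted at all, which is one concrete reason the percentages deserve the "grain of salt" the reply asks for.

```python
from collections import defaultdict
from typing import Dict, Iterable, List

# The exact sentence the report searches for in a bulletin's
# "Mitigating Factors" section (as quoted in the thread).
MITIGATION_SENTENCE = (
    "Users whose accounts are configured to have fewer user rights on the "
    "system could be less impacted than users who operate with "
    "administrative user rights."
)


def is_mitigated_by_removing_admin(mitigating_factors: str) -> bool:
    """Apply the report's rule: mitigated iff the exact sentence is present.

    Whitespace is collapsed first so a sentence wrapped across lines in the
    bulletin text still matches; any other rewording does NOT match.
    """
    normalized = " ".join(mitigating_factors.split())
    return MITIGATION_SENTENCE in normalized


def mitigation_stats(bulletins: Iterable[dict]) -> Dict[str, dict]:
    """Count mitigated vs. total per product, plus an 'All' bucket."""
    counts = defaultdict(lambda: {"total": 0, "mitigated": 0})
    for b in bulletins:
        hit = is_mitigated_by_removing_admin(b["mitigating_factors"])
        for key in ("All", b["product"]):
            counts[key]["total"] += 1
            counts[key]["mitigated"] += int(hit)
    for c in counts.values():
        c["percent"] = round(100 * c["mitigated"] / c["total"])
    return dict(counts)


# Constructed sample bulletins (hypothetical ids, not real MSxx-xxx entries).
SAMPLE_BULLETINS: List[dict] = [
    {"id": "EX-1", "product": "Office",
     "mitigating_factors": "An attacker must convince a user to open a "
                           "crafted file. " + MITIGATION_SENTENCE},
    {"id": "EX-2", "product": "Office",  # sentence wrapped across lines
     "mitigating_factors": "Users whose accounts are configured to have fewer "
                           "user rights on the\n  system could be less impacted "
                           "than users who operate with\n  administrative user rights."},
    {"id": "EX-3", "product": "Windows", "mitigating_factors": MITIGATION_SENTENCE},
    {"id": "EX-4", "product": "Windows",  # same idea, different wording: not counted
     "mitigating_factors": "Users running with fewer privileges would be less "
                           "affected than administrators."},
    {"id": "EX-5", "product": "Windows", "mitigating_factors": ""},
]
```

Running `mitigation_stats(SAMPLE_BULLETINS)` on this sample reports 60% overall, 100% for Office and 33% for Windows, with EX-4 excluded purely because its wording differs.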