90% of critical Windows vulnerabilities mitigated by eliminating administrator rights
According to a recent study, as much as 90% of all Windows 7 vulnerabilities can be mitigated by forcing users to operate their computers with Standard User privileges, rather than Administrator privileges. This is something I have been harping about for several years. The following are some of their findings after an extensive study.
From a news release published by BeyondTrust, on March 29, 2010, BeyondTrust's Analysis of 15 months of Microsoft Security Bulletins finds the vast majority of vulnerabilities can be diminished by configuring end users as Standard Users. They found that the removal of administrator rights from Windows users is a mitigating factor for 90% of Critical Windows 7 Vulnerabilities.
Key findings from this report show that removing administrator rights will better protect companies against the exploitation of:
- 90% of critical Windows 7 vulnerabilities reported to date
- 100% of Microsoft Office vulnerabilities reported in 2009
- 94% of Internet Explorer and 100% of Internet Explorer 8 vulnerabilities reported in 2009
- 64% of all Microsoft vulnerabilities reported in 2009
"Enterprises continue to face imminent danger from zero-day attacks as new vulnerabilities are exploited before patches can ever be developed and deployed," said Steve Kelley, EVP of corporate development. "Our findings reflect the critical role that restricting administrator rights, plays in protecting against these types of threats. As companies migrate to Windows 7 they need to be aware that despite enhanced security features on the new operating systems, better controls for administrative rights are still needed to provide adequate protection."
My note: The same results can be had with the Windows 2000, XP Pro and Vista operating systems. See my 2009 article titled Running a PC with reduced user privileges stops 92% of malware
For information about how to manage user account privileges, please read my web page titled Windows 2000, XP, Vista & 7 User Account Privileges Explained. Although it was originally written when Windows 2000 and XP were the mainstream OSes, updated information for Windows Vista and Windows 7 computers has been added. Besides, some of you are probably reading this on an XP computer and this information can protect that PC from malware attacks that would otherwise be successful.
That said, no Windows computer is truly safe without some form of anti-virus, anti-spyware and anti-malware protection installed and kept up to date. If you are looking for an all in one solution for complete malware protection please look into Trend Micro Internet Security. A single license allows you to install it on three computers for as long as the subscription is paid up. They offer reduced rates for additional years of coverage when you sign up. I can get you a 10% discount on your initial subscription to Trend Micro Internet Security right now. Just copy and paste my coupon code "trendsecurity" into the coupon field in the shopping cart and apply it and the total will be reduced by 10%.
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=885d2d2f-772e-418d-ac73-3f40dd3d3f67)
Trend Micro Internet Security products, for home and office users, use in-the-cloud malware definitions that are updated every day, all day, as soon as new or altered strains of viruses and other malware are detected in the wild and analyzed. By offloading the bulk of these ever changing virus definitions to cloud servers, the load on your computers is greatly reduced. All users of Trend security programs are instantly protected from hostile web pages laden with malware exploits and hostile email, by the Trend Micro Smart Protection Network.
This weblog is licensed under a Creative Commons License.The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.
