Removing administrator rights mitigates 97 percent of all critical security vulnerabilities reported by Microsoft according to new research from security software company, Avecto.
Analysis of MS Patch Tuesday bulletins revealed that 80 percent of all Microsoft vulnerabilities could be mitigated by removing admin rights -and 98 percent of critical vulnerabilities affecting Windows OSs, 95 percent of critical vulnerabilities affecting Microsoft Office and 99.5 percent of vulnerabilities in Internet Explorer. The total of 242 Microsoft vulnerabilities rated critical in 2014, represented a 65 percent increase over 2013.
Paul Kenyon, EVP of Avecto commented in a public statement: “... removal of admin rights proves to be a simple and effective threat mitigation strategy – and yet many businesses are still overlooking this fundamental practice. There is a misconception that passive tools, like detection technologies, can provide adequate protection, and yet evidence clearly demonstrates that organisations can no longer afford to rely on reactive strategies to deal with the advanced nature of so many attacks.”
Privileged users remain primary targets for exploit, as they provide unrestricted access to an endpoint, and employees with admin rights can install, modify and delete software and files as well as changing system settings.
Consequently Kenyon concluded: “Privilege management is the first step that every organisation should be taking to improve the security posture of all of their endpoints. It can mitigate the majority of advanced cyber-attacks, especially when layered with other proactive approaches, such as application control, patch management and sandboxing.”