Cut Microsoft admin rights to mitigate 92% of threats, study shows

News

Cut Microsoft admin rights to mitigate 92% of threats, study shows

Warwick Ashford

Removing Microsoft admin rights from employees mitigates 92% of critical vulnerabilities and 60% of all vulnerabilities reported by the software firm in the past year, a study has revealed.

The study by privilege management firm Avecto analysed data from security bulletins issued by Microsoft throughout 2013.

password-admin-290x230-THINKSTOCK.jpg

The study showed that removing admin rights would mitigate 96% of critical vulnerabilities affecting Windows operating systems, 91% of critical vulnerabilities affecting Microsoft Office and 100% of vulnerabilities in Internet Explorer.

The security precaution would also mitigate 100% of critical remote code execution vulnerabilities and 80% of critical information disclosure vulnerabilities.

Employees with admin can install, modify and delete software and files as well as change system settings.

The report said this means if malware infects a user with admin rights, it can cause damage locally as well as on a wider network.,

“It is astounding just how many vulnerabilities can be overcome by the removal of admin rights,” said Paul Kenyon, co-founder and executive vice-president of Avecto.

However, he said many companies are still not fully aware of how many admin users they have and consequently face an unknown and unquantified security threat.

“Awareness of the importance of privilege management is growing, but we need to get to the point where it is a standard measure for all organisations,” said Kenyon.

“These findings make it clear that privilege management is a critical element of an endpoint security strategy that just cannot be ignored,” he said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy