Removing admin rights mitigates 92% of critical Microsoft vulnerabilities
Posted on 18 February 2014.
Avecto analyzed data from security bulletins issued by Microsoft throughout 2013 and concluded that 92% of all vulnerabilities reported by Microsoft with a critical severity rating can be mitigated by removing admin rights.

The results also revealed that removing admin rights would mitigate 96% of critical vulnerabilities affecting Windows operating systems, 91% critical vulnerabilities affecting Microsoft Office and 100% of vulnerabilities in Internet Explorer.

If malware infects a user with admin rights, it can cause incredible damage locally, as well as on a wider network. Additionally, employees with admin rights have access to install, modify and delete software and files as well as change system settings.

Paul Kenyon, co-founder and EVP of Avecto said: "The dangers of admin rights have been well documented for some time, but what's more concerning is the number of enterprises we talk to that are still not fully aware of how many admin users they have. Without clear visibility and control, they are facing an unknown and unquantified security threat."

Paul concluded: "This analysis focuses purely on known vulnerabilities, and cyber criminals will be quick to take advantage of bugs that are unknown to vendors. Defending against these unknown threats is difficult, but removing admin rights is the most effective way to do so."


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th