Want Security? Remove Admin Rights

Wednesday, February 19, 2014 @ 12:02 PM gHale

Ninety-two percent of all vulnerabilities reported by Microsoft with a critical severity rating can end up mitigated by removing admin rights, a new report said.

In addition, removing admin rights would mitigate 96 percent of critical vulnerabilities affecting Windows operating systems, 91 percent of critical vulnerabilities affecting Microsoft Office and 100 percent of vulnerabilities in Internet Explorer, according to the report by security firm Avecto.

Under Attack: XP Zero Day
Patch Tuesday Fixes Zero Day
Zero Day: Microsoft Under Attack
Microsoft Reinstates Update Tablet

If malware infects a user with admin rights, it can cause incredible damage locally, as well as on a wider network, the report said. Additionally, employees with admin rights have access to install, modify and delete software and files as well as change system settings.

“The dangers of admin rights have been well documented for some time, but what’s more concerning is the number of enterprises we talk to that are still not fully aware of how many admin users they have,” said Paul Kenyon, co-founder and executive vice president of Avecto. “Without clear visibility and control, they are facing an unknown and unquantified security threat.”

“This analysis focuses purely on known vulnerabilities, and cyber criminals will be quick to take advantage of bugs that are unknown to vendors,” Kenyon said. “Defending against these unknown threats is difficult, but removing admin rights is the most effective way to do so.”

Click here to register for the study.

Leave a Reply

You must be logged in to post a comment.