Removing 'admin' mitigates most Windows flaws
Businesses should consider making employees log in as standard users, BeyondTrust has advised.
The vast majority of all critical Microsoft vulnerabilities, some 92 per cent, could have been mitigated by removing the administrator rights of Windows users, a new report has revealed.
The researchers BeyondTrust said that the results demonstrated that if companies configured users as 'standard', they could better protect themselves against malware and zero-day threats.
According to the findings, removing administrator rights could have protected against 2008 vulnerabilities reported in Microsoft Office (94 per cent), Internet Explorer (89 per cent), and Microsoft Windows itself (53 per cent).
Microsoft already has best practice advice on this issue in its security bulletins, which says users whose accounts were configured to have fewer user rights on the system would be less affected than those who had administrative rights.
This issue has cropped up recently with the alleged flaw' in the Windows 7 Beta, where blogger Long Zheng said that its User Access Control (UAC) could be completely disabled without user interaction, increasing the risk of malware.
In a disclaimer, he said: "The user must be in the 'Administrative' user group, and not in the 'Standard' user group, where they will be prompted for an administrative password."
Top 5 challenges of migrating applications to the cloud
Explore how VMware Cloud on AWS helps to address common cloud migration challengesDownload now
3 reasons why now is the time to rethink your network
Changing requirements call for new solutionsDownload now
All-flash buyer’s guide
Tips for evaluating Solid-State ArraysDownload now
Enabling enterprise machine and deep learning with intelligent storage
The power of AI can only be realised through efficient and performant delivery of dataDownload now