Removing admin rights mitigates 92% of critical Microsoft vulnerabilities
Tuesday, February 18, 2014
MANCHESTER, U.K., and Boston, MA
New analysis of "Patch Tuesday" bulletins shows benefits of stripping admin rights
92% of all vulnerabilities reported by Microsoft with a critical severity rating can be mitigated by removing admin rights, according to new research from Avecto.
The market leading privilege management firm analyzed data from security bulletins issued by Microsoft throughout 2013.
The results also revealed that removing admin rights would mitigate 96% of critical vulnerabilities affecting Windows operating systems, 91% critical vulnerabilities affecting Microsoft Office and 100% of vulnerabilities in Internet Explorer.
Microsoft bulletins are issued on the second Tuesday of each month, a date known commonly as Patch Tuesday, and provide fixes for known security issues.
If malware infects a user with admin rights, it can cause incredible damage locally, as well as on a wider network. Additionally, employees with admin rights have access to install, modify and delete software and files as well as change system settings.
Paul Kenyon, co-founder and EVP of Avecto said: "It's astounding just how many vulnerabilities can be overcome by the removal of admin rights.
"The dangers of admin rights have been well documented for some time, but what's more concerning is the number of enterprises we talk to that are still not fully aware of how many admin users they have. Without clear visibility and control, they are facing an unknown and unquantified security threat."
"Awareness of the importance of privilege management is growing, but we need to get to the point where it's a standard measure for all organizations. These findings make it clear that it's a critical element of an endpoint security strategy that just cannot be ignored."
Paul concluded: "This analysis focuses purely on known vulnerabilities, and cyber criminals will be quick to take advantage of bugs that are unknown to vendors. Defending against these unknown threats is difficult, but removing admin rights is the most effective way to do so."
The full report can be downloaded here.
Avecto is growing. View our current list of career opportunities
Avecto is a leader in Windows privilege management, helping organizations to deploy secure and compliant desktops and servers.
The company has been named second fastest growing technology company in the UK and 10th fastest growing software company in the EU, Middle East and Africa, according to the 2013 Deloitte Fast 50 and Fast 500 EMEA lists.
With its award winning Privilege Guard technology, organizations can now empower all Windows based desktop and server users with the privileges they require to perform their roles, without compromising the integrity and security of their systems.
Companies of all sizes rely on Avecto to reduce operating expenses and strengthen security across their Windows based environments, reducing operating costs and improving system security.
Jonathan Saatchi, MC2