Cut Microsoft admin rights to mitigate 92% of threats

[*BlackFox]

Removing Microsoft admin rights from employees mitigates 92% of critical vulnerabilities and 60% of all vulnerabilities reported by the software firm in the past year, a study has revealed. The study by privilege management firm Avecto analysed data from security bulletins issued by Microsoft throughout 2013.

The study showed that removing admin rights would mitigate 96% of critical vulnerabilities affecting Windows operating systems, 91% of critical vulnerabilities affecting Microsoft Office and 100% of vulnerabilities in Internet Explorer. The security precaution would also mitigate 100% of critical remote code execution vulnerabilities and 80% of critical information disclosure vulnerabilities.

Employees with admin can install, modify and delete software and files as well as change system settings. The report said this means if malware infects a user with admin rights, it can cause damage locally as well as on a wider network.,

Read More Here

[DarkJackal]

They should make a windows version without admin rights, and remove 92% of consumers.

[poehalcho]

They should make a windows version without admin rights, and remove 92% of consumers.

[BuDo]

They should make a windows version without admin rights, and remove 92% of consumers.

[Azilius]

This is known as the 'least privilege policy', it's pretty standard where security is concerned - a user (employee) should only get the privileges needed to get the job done. 99.999999% of the time they don't need admin status =p