Security Slideshow: Microsoft Security Vulnerability Report: How to Mitigate Risk
A report from security vendor BeyondTrust gives us an aggregated overview of the number and type of security vulnerabilities reported in 2010 by Microsoft and its partners. BeyondTrust's 2010 Microsoft Vulnerability Report indicates that removing administrator rights from employee PCs can go a long way toward securing your company from some of the most prevalent threats in the wild. BeyondTrust, a vendor of identity management solutions, explains the methodology behind its conclusions, which are based on the security vulnerabilities in Microsoft software that are regularly identified by Microsoft and its partners. According to BeyondTrust, in 2010 Microsoft published more than 100 security bulletins documenting and providing patches for 256 vulnerabilities. BeyondTrust analyzed all of the published Microsoft vulnerabilities in 2010. The report also examined all of the published Windows 7 vulnerabilities from the time that operating system was introduced in October 2009 through December 2010. This report uses information found in the Individual Security Bulletins to classify vulnerabilities by the following criteria: severity rating; vulnerability impact; and affected software. The report considers a vulnerability capable of being mitigated by removing administrator rights if the following sentence is located in the Security Bulletin's Mitigating Factors section: "Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."