 |
 |
|
By Don Reisinger on 2011-04-26
A report from security vendor BeyondTrust gives us an aggregated overview of the number and type of security vulnerabilities reported in 2010 by Microsoft and its partners. BeyondTrust's 2010 Microsoft Vulnerability Report indicates that removing administrator rights from employee PCs can go a long way toward securing your company from some of the most prevalent threats in the wild. BeyondTrust, a vendor of identity management solutions, explains the methodology behind its conclusions, which are based on the security vulnerabilities in Microsoft software that are regularly identified by Microsoft and its partners. According to BeyondTrust, in 2010 Microsoft published more than 100 security bulletins documenting and providing patches for 256 vulnerabilities. BeyondTrust analyzed all of the published Microsoft vulnerabilities in 2010. The report also examined all of the published Windows 7 vulnerabilities from the time that operating system was introduced in October 2009 through December 2010. This report uses information found in the Individual Security Bulletins to classify vulnerabilities by the following criteria: severity rating; vulnerability impact; and affected software. The report considers a vulnerability capable of being mitigated by removing administrator rights if the following sentence is located in the Security Bulletin’s Mitigating Factors section: “Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”
|
|
|
- of
Microsoft OfficeA total of 84 Microsoft Office vulnerabilities appeared in the 2010 Security Bulletins. All 84 met BeyondTrust's criteria to be mitigated by removing administrator rights.
Internet ExplorerIn 2010, there were 43 reported IE vulnerabilities. According to BeyondTrust, removing administrator rights can mitigate all of these, even for IE 8.
Remote Code Execution Remote Code Execution vulnerabilities may allow someone who is not at the computer to run unauthorized software and install programs; view, change, or delete data; and/or create new user accounts.
Mitigating Remote Code ExecutionIn 2010, there were 192 Remote Code Execution Microsoft vulnerabilities published, 158 of which (82 percent) may be mitigated by removing administrator rights.
Critical ratingIn 2010, 101 vulnerabilities had a Critical rating, the highest Microsoft assigns to threats. By removing employee administrator rights, 81 percent of those threats could be mitigated.
No panaceaOf the total 256 vulnerabilities published in Microsoft’s 2010 Security Bulletins, more than one third (36 percent) could not be mitigated by removing an employee’s administrator rights.
Windows OSLess than half (47 percent) of Windows OS vulnerabilities could be diminished by configuring users as "standard" users. In 2010, there were 162 published vulnerabilities for all versions of Microsoft operating systems.
Windows 7Since the October 2009 release of Windows 7, there have been 72 Critical Windows 7 OS vulnerabilities published, and a total of 147 Windows 7 vulnerabilities published.
Critical versus standard75 percent of critical Windows 7 OS vulnerabilities can be mitigated by having users log in as standard users; when all Windows 7 vulnerabilities are considered, only 42 percent can be mitigated by removing administrator rights.
|
| FEATURED SPONSORED VIDEOS | |
|
|
|
|
|
|
|
|
Apple's MacBook Pro: 10 Reasons It Belongs in the Workplace
10 Ways to Develop Your Tech Talent
10 Products Apple Should Launch In the Next Year
With More Budget Comes Greater Responsibility for CIOs
CIOs and Lawyers: A Match Made in Heaven or Hell?
Writing Effective Email: Resist These 10 Cardinal Sins
