Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Admin rights underpin many Windows exploits, analysis finds

Including 100 percent of IE flaws

Article comments

Organisations could dramatically cut their exposure to vulnerabilities in Microsoft software simply by limiting Windows admin rights, an analysis by BeyondTrust has reminded the world.

Using flaw data drawn from Microsoft’s security bulletins throughout 2010, removing admin rights for users of Office and Internet Explorer would have mitigated security worries in 100 percent of cases for those applications.

Overall, of the 256 vulnerabilities published by the company during the year, 163, or 64 percent, would have been mitigated by removing admin rights. On the operating system side, 76 out of 162 flaws could be avoided using the same tactic.

Of the 142 Windows 7 flaws ever made public, 42 percent would be mitigated by removing admin rights.

The idea of removing or limiting admin rights is not a new one but is not simple to implement. Admin rights are often left on in Windows and managed through User Account Control (UAC) because restricting them causes problems for some applications, including legacy apps that assume such rights.

BeyondTrust’s long-standing solution is a product called PowerBroker for Desktops which admins can use to define rights on an app-by-app or process-by-process basis, but always while keeping them to a minimum.

“Microsoft does a great job identifying and patching those vulnerabilities, but the pure number demonstrates the volume of vulnerabilities in some of the most common business software in the enterprise,” said BeyondTrust’s director of program management, Peter Beauregard.

If buying a software product to manage admin rights for one company's products doesn’t appeal, a second argument is that limiting the same rights will also protect against a percentage of unknown vulnerabilities as well, he said. That would include non-Microsoft vulnerabilities that exploit the same privilege escalation design.

“Patching alone doesn’t protect the enterprise, because so many vulnerabilities are undiscovered and others could take weeks to patch. Removing administrative privileges from users is the only way to eliminate the vast majority of risk that comes from these vulnerabilities," said Beauregard.

One dimension not addressed by the report is the situation of consumers who run Windows with admin privileges turned on by default. For this section of the Windows population, the only resort is a well of skepticism and the willingness to click ‘no’ when the Windows UAC interface throws up a request for admin rights.   



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *