Wednesday, March 31, 2010

Running as Admin = Not Good for Security Exploits (and in general)

Just found this article about how to easily mitigate security exploits in Windows, and of course it means running as a Power User or a regular user. Most database programs require Power User status, so that would be the most common setup for my clients, most of whom run QuickBooks or some other database program.

Here are some numbers from the article.

- 100% of Microsoft Office vulnerabilities are mitigated by configuring users to operate without administrator rights.

- By removing administrator rights companies will be better protected against exploitation of 94% of vulnerabilities in all versions of Internet Explorer, and 100% of those in IE 8.

- 87% of vulnerabilities categorized as Remote Code Execution vulnerabilities are mitigated by removing administrator rights.

- Companies are better protected against 81% of Critical Microsoft vulnerabilities by configuring users without administrator rights.

- Of the total published Microsoft vulnerabilities, 64% are mitigated by removing administrator rights.

- In 2009, exploits of 53% of Windows operating system vulnerabilities can be diminished by configuring users as standard users.

- 90% of Critical Windows 7 operating system vulnerabilities are mitigated by having users log in as standard users.

- Of all Windows 7 vulnerabilities ever published, 57% are mitigated by removing administrator rights.


-----
Source: BeyondTrust, Inc. http://www.beyondtrust.com/downloads/whitepapers/documents/wp039_BeyondTrust_2009_Microsoft_Vulnerability_Analysis.pdf
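
To act on these numbers you first need to know who actually holds administrator rights on a machine. The PowerShell below is an added example, not part of the original post or the BeyondTrust paper; it assumes Windows PowerShell 5.1 or later, and the `$Expected` allow-list and function names are hypothetical.

```powershell
# Added example: find accounts that hold local administrator rights.
# Assumes Windows PowerShell 5.1+ (Microsoft.PowerShell.LocalAccounts module).

# Well-known SID of the built-in Administrators group. Using the SID avoids
# depending on the group's localized display name.
$AdminGroupSid = 'S-1-5-32-544'

# CONSTRUCTED allow-list of accounts that are supposed to be administrators.
# Matched against the account part of the name (after the backslash).
$Expected = @('Domain Admins')

function Test-IsElevated {
    # True when the current process token carries the Administrators role.
    # With UAC enabled, a member of Administrators running unelevated gets
    # False here, so this describes the session, not the account.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]::new($identity)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-UnexpectedLocalAdmin {
    try {
        $members = Get-LocalGroupMember -SID $AdminGroupSid -ErrorAction Stop
    } catch {
        Write-Warning "Could not enumerate Administrators: $($_.Exception.Message)"
        return
    }
    foreach ($m in $members) {
        $account   = ($m.Name -split '\\')[-1]
        # RID 500 marks the built-in Administrator account of a machine or domain.
        $isBuiltin = $m.SID.Value -match '^S-1-5-21-.+-500$'
        if (-not $isBuiltin -and $Expected -notcontains $account) {
            [pscustomobject]@{
                Name   = $m.Name
                Class  = $m.ObjectClass       # User or Group
                Source = $m.PrincipalSource   # Local, ActiveDirectory, ...
                SID    = $m.SID.Value
            }
        }
    }
}

"Current session elevated: $(Test-IsElevated)"
Get-UnexpectedLocalAdmin | Format-Table -AutoSize
```

Any row in the output is an account that would run exploit code with full administrator rights; those are the accounts to move to standard user.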
