Welcome!

News Feed Item

Removing admin rights mitigates 92% of critical Microsoft vulnerabilities

92% of all vulnerabilities reported by Microsoft with a critical severity rating can be mitigated by removing admin rights, according to new research from Avecto.

The market leading privilege management firm analyzed data from security bulletins issued by Microsoft throughout 2013.

The results also revealed that removing admin rights would mitigate 96% of critical vulnerabilities affecting Windows operating systems, 91% critical vulnerabilities affecting Microsoft Office and 100% of vulnerabilities in Internet Explorer.

Microsoft bulletins are issued on the second Tuesday of each month, a date known commonly as Patch Tuesday, and provide fixes for known security issues.

If malware infects a user with admin rights, it can cause incredible damage locally, as well as on a wider network. Additionally, employees with admin rights have access to install, modify and delete software and files as well as change system settings.

Paul Kenyon, co-founder and EVP of Avecto said: “It’s astounding just how many vulnerabilities can be overcome by the removal of admin rights.

“The dangers of admin rights have been well documented for some time, but what’s more concerning is the number of enterprises we talk to that are still not fully aware of how many admin users they have. Without clear visibility and control, they are facing an unknown and unquantified security threat.”

“Awareness of the importance of privilege management is growing, but we need to get to the point where it’s a standard measure for all organizations. These findings make it clear that it’s a critical element of an endpoint security strategy that just cannot be ignored.”

Paul concluded: “This analysis focuses purely on known vulnerabilities, and cyber criminals will be quick to take advantage of bugs that are unknown to vendors. Defending against these unknown threats is difficult, but removing admin rights is the most effective way to do so.”

The full report can be downloaded here: www.avecto.com/microsoft-vulnerabilities

Notes to editors

Methodology

The research analyzed Microsite security bulletins from 2013.

A vulnerability was classed as one that could be mitigated by removing admin rights if the following sentence was found within the executive summary: “users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative users rights.”

For a more detailed overview of the methodology, please see Appendix 1 in the full report here: www.avecto.com/microsoft-vulnerabilities

About Avecto

Avecto is a leader in Windows privilege management, helping organizations to deploy secure and compliant desktops and servers.

The company has been named second fastest growing technology company in the UK and 10th fastest growing software company in the EU, Middle East and Africa, according to the 2013 Deloitte Fast 50 and Fast 500 EMEA lists.

With its award winning Privilege Guard technology, organizations can now empower all Windows based desktop and server users with the privileges they require to perform their roles, without compromising the integrity and security of their systems.

Companies of all sizes rely on Avecto to reduce operating expenses and strengthen security across their Windows based environments, reducing operating costs and improving system security.

http://www.avecto.com

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Blockchain. A day doesn’t seem to go by without seeing articles and discussions about the technology. According to PwC executive Seamus Cushley, approximately $1.4B has been invested in blockchain just last year. In Gartner’s recent hype cycle for emerging technologies, blockchain is approaching the peak. It is considered by Gartner as one of the ‘Key platform-enabling technologies to track.’ While there is a lot of ‘hype vs reality’ discussions going on, there is no arguing that blockchain is b...
"IBM is really all in on blockchain. We take a look at sort of the history of blockchain ledger technologies. It started out with bitcoin, Ethereum, and IBM evaluated these particular blockchain technologies and found they were anonymous and permissionless and that many companies were looking for permissioned blockchain," stated René Bostic, Technical VP of the IBM Cloud Unit in North America, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventi...
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, whic...
The cloud era has reached the stage where it is no longer a question of whether a company should migrate, but when. Enterprises have embraced the outsourcing of where their various applications are stored and who manages them, saving significant investment along the way. Plus, the cloud has become a defining competitive edge. Companies that fail to successfully adapt risk failure. The media, of course, continues to extol the virtues of the cloud, including how easy it is to get there. Migrating...
The need for greater agility and scalability necessitated the digital transformation in the form of following equation: monolithic to microservices to serverless architecture (FaaS). To keep up with the cut-throat competition, the organisations need to update their technology stack to make software development their differentiating factor. Thus microservices architecture emerged as a potential method to provide development teams with greater flexibility and other advantages, such as the abili...
ChatOps is an emerging topic that has led to the wide availability of integrations between group chat and various other tools/platforms. Currently, HipChat is an extremely powerful collaboration platform due to the various ChatOps integrations that are available. However, DevOps automation can involve orchestration and complex workflows. In his session at @DevOpsSummit at 20th Cloud Expo, Himanshu Chhetri, CTO at Addteq, will cover practical examples and use cases such as self-provisioning infra...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settle...
Product connectivity goes hand and hand these days with increased use of personal data. New IoT devices are becoming more personalized than ever before. In his session at 22nd Cloud Expo | DXWorld Expo, Nicolas Fierro, CEO of MIMIR Blockchain Solutions, will discuss how in order to protect your data and privacy, IoT applications need to embrace Blockchain technology for a new level of product security never before seen - or needed.
Leading companies, from the Global Fortune 500 to the smallest companies, are adopting hybrid cloud as the path to business advantage. Hybrid cloud depends on cloud services and on-premises infrastructure working in unison. Successful implementations require new levels of data mobility, enabled by an automated and seamless flow across on-premises and cloud resources. In his general session at 21st Cloud Expo, Greg Tevis, an IBM Storage Software Technical Strategist and Customer Solution Architec...
The use of containers by developers -- and now increasingly IT operators -- has grown from infatuation to deep and abiding love. But as with any long-term affair, the honeymoon soon leads to needing to live well together ... and maybe even getting some relationship help along the way. And so it goes with container orchestration and automation solutions, which are rapidly emerging as the means to maintain the bliss between rapid container adoption and broad container use among multiple cloud host...
Blockchain is a shared, secure record of exchange that establishes trust, accountability and transparency across business networks. Supported by the Linux Foundation's open source, open-standards based Hyperledger Project, Blockchain has the potential to improve regulatory compliance, reduce cost as well as advance trade. Are you curious about how Blockchain is built for business? In her session at 21st Cloud Expo, René Bostic, Technical VP of the IBM Cloud Unit in North America, discussed the b...
Imagine if you will, a retail floor so densely packed with sensors that they can pick up the movements of insects scurrying across a store aisle. Or a component of a piece of factory equipment so well-instrumented that its digital twin provides resolution down to the micrometer.
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory? In her Day 2 Keynote at @DevOpsSummit at 21st Cloud Expo, Aruna Ravichandran, VP, DevOps Solutions Marketing, CA Technologies, was jo...
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, discussed how data centers of the future will be managed, how the p...
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they responded to were some very unique security capabilities that we have," explained Mark Figley, Director of LinuxONE Offerings at IBM, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.