|By Business Wire||
|February 18, 2014 09:26 AM EST||
92% of all vulnerabilities reported by Microsoft with a critical severity rating can be mitigated by removing admin rights, according to new research from Avecto.
The market leading privilege management firm analyzed data from security bulletins issued by Microsoft throughout 2013.
The results also revealed that removing admin rights would mitigate 96% of critical vulnerabilities affecting Windows operating systems, 91% critical vulnerabilities affecting Microsoft Office and 100% of vulnerabilities in Internet Explorer.
Microsoft bulletins are issued on the second Tuesday of each month, a date known commonly as Patch Tuesday, and provide fixes for known security issues.
If malware infects a user with admin rights, it can cause incredible damage locally, as well as on a wider network. Additionally, employees with admin rights have access to install, modify and delete software and files as well as change system settings.
Paul Kenyon, co-founder and EVP of Avecto said: “It’s astounding just how many vulnerabilities can be overcome by the removal of admin rights.
“The dangers of admin rights have been well documented for some time, but what’s more concerning is the number of enterprises we talk to that are still not fully aware of how many admin users they have. Without clear visibility and control, they are facing an unknown and unquantified security threat.”
“Awareness of the importance of privilege management is growing, but we need to get to the point where it’s a standard measure for all organizations. These findings make it clear that it’s a critical element of an endpoint security strategy that just cannot be ignored.”
Paul concluded: “This analysis focuses purely on known vulnerabilities, and cyber criminals will be quick to take advantage of bugs that are unknown to vendors. Defending against these unknown threats is difficult, but removing admin rights is the most effective way to do so.”
The full report can be downloaded here: www.avecto.com/microsoft-vulnerabilities
Notes to editors
The research analyzed Microsite security bulletins from 2013.
A vulnerability was classed as one that could be mitigated by removing admin rights if the following sentence was found within the executive summary: “users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative users rights.”
For a more detailed overview of the methodology, please see Appendix 1 in the full report here: www.avecto.com/microsoft-vulnerabilities
Avecto is a leader in Windows privilege management, helping organizations to deploy secure and compliant desktops and servers.
The company has been named second fastest growing technology company in the UK and 10th fastest growing software company in the EU, Middle East and Africa, according to the 2013 Deloitte Fast 50 and Fast 500 EMEA lists.
With its award winning Privilege Guard technology, organizations can now empower all Windows based desktop and server users with the privileges they require to perform their roles, without compromising the integrity and security of their systems.
Companies of all sizes rely on Avecto to reduce operating expenses and strengthen security across their Windows based environments, reducing operating costs and improving system security.
With over 720 million Internet users and 40–50% CAGR, the Chinese Cloud Computing market has been booming. When talking about cloud computing, what are the Chinese users of cloud thinking about? What is the most powerful force that can push them to make the buying decision? How to tap into them? In his session at 18th Cloud Expo, Yu Hao, CEO and co-founder of SpeedyCloud, answered these questions and discussed the results of SpeedyCloud’s survey.
Jul. 29, 2016 03:45 AM EDT Reads: 1,030
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and shared the must-have mindsets for removing complexity from the develo...
Jul. 29, 2016 02:45 AM EDT Reads: 1,592
SYS-CON Events announced today that MangoApps will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. MangoApps provides modern company intranets and team collaboration software, allowing workers to stay connected and productive from anywhere in the world and from any device.
Jul. 29, 2016 02:30 AM EDT Reads: 1,453
Large scale deployments present unique planning challenges, system commissioning hurdles between IT and OT and demand careful system hand-off orchestration. In his session at @ThingsExpo, Jeff Smith, Senior Director and a founding member of Incenergy, will discuss some of the key tactics to ensure delivery success based on his experience of the last two years deploying Industrial IoT systems across four continents.
Jul. 29, 2016 02:00 AM EDT Reads: 1,667
Redis is not only the fastest database, but it is the most popular among the new wave of databases running in containers. Redis speeds up just about every data interaction between your users or operational systems. In his session at 19th Cloud Expo, Dave Nielsen, Developer Advocate, Redis Labs, will share the functions and data structures used to solve everyday use cases that are driving Redis' popularity.
Jul. 29, 2016 12:30 AM EDT Reads: 1,688
Basho Technologies has announced the latest release of Basho Riak TS, version 1.3. Riak TS is an enterprise-grade NoSQL database optimized for Internet of Things (IoT). The open source version enables developers to download the software for free and use it in production as well as make contributions to the code and develop applications around Riak TS. Enhancements to Riak TS make it quick, easy and cost-effective to spin up an instance to test new ideas and build IoT applications. In addition to...
Jul. 29, 2016 12:15 AM EDT Reads: 1,990
Predictive analytics tools monitor, report, and troubleshoot in order to make proactive decisions about the health, performance, and utilization of storage. Most enterprises combine cloud and on-premise storage, resulting in blended environments of physical, virtual, cloud, and other platforms, which justifies more sophisticated storage analytics. In his session at 18th Cloud Expo, Peter McCallum, Vice President of Datacenter Solutions at FalconStor, discussed using predictive analytics to mon...
Jul. 29, 2016 12:15 AM EDT Reads: 2,087
Identity is in everything and customers are looking to their providers to ensure the security of their identities, transactions and data. With the increased reliance on cloud-based services, service providers must build security and trust into their offerings, adding value to customers and improving the user experience. Making identity, security and privacy easy for customers provides a unique advantage over the competition.
Jul. 28, 2016 11:45 PM EDT Reads: 1,227
SYS-CON Events announced today that Isomorphic Software will exhibit at DevOps Summit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Isomorphic Software provides the SmartClient HTML5/AJAX platform, the most advanced technology for building rich, cutting-edge enterprise web applications for desktop and mobile. SmartClient combines the productivity and performance of traditional desktop software with the simp...
Jul. 28, 2016 10:15 PM EDT Reads: 1,235
In his session at @DevOpsSummit at 19th Cloud Expo, Yoseph Reuveni, Director of Software Engineering at Jet.com, will discuss Jet.com's journey into containerizing Microsoft-based technologies like C# and F# into Docker. He will talk about lessons learned and challenges faced, the Mono framework tryout and how they deployed everything into Azure cloud. Yoseph Reuveni is a technology leader with unique experience developing and running high throughput (over 1M tps) distributed systems with extre...
Jul. 28, 2016 10:15 PM EDT Reads: 2,225
"We've discovered that after shows 80% if leads that people get, 80% of the conversations end up on the show floor, meaning people forget about it, people forget who they talk to, people forget that there are actual business opportunities to be had here so we try to help out and keep the conversations going," explained Jeff Mesnik, Founder and President of ContentMX, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Jul. 28, 2016 10:15 PM EDT Reads: 1,440
"When you think about the data center today, there's constant evolution, The evolution of the data center and the needs of the consumer of technology change, and they change constantly," stated Matt Kalmenson, VP of Sales, Service and Cloud Providers at Veeam Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Jul. 28, 2016 10:00 PM EDT Reads: 1,456
"There's a growing demand from users for things to be faster. When you think about all the transactions or interactions users will have with your product and everything that is between those transactions and interactions - what drives us at Catchpoint Systems is the idea to measure that and to analyze it," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York Ci...
Jul. 28, 2016 10:00 PM EDT Reads: 2,100
As companies gain momentum, the need to maintain high quality products can outstrip their development team’s bandwidth for QA. Building out a large QA team (whether in-house or outsourced) can slow down development and significantly increases costs. This eBook takes QA profiles from 5 companies who successfully scaled up production without building a large QA team and includes: What to consider when choosing CI/CD tools How culture and communication can make or break implementation
Jul. 28, 2016 10:00 PM EDT Reads: 1,725
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
Jul. 28, 2016 09:00 PM EDT Reads: 2,718