Removing administrator rights on Windows is the way to go

BeyondTrust published research findings stating that the removal of administrator rights from Windows users is a mitigating factor for the vast majority of all Microsoft software vulnerabilities reported by Microsoft in 2008.

The results demonstrate that by configuring users as standard users, companies can better protect themselves against malware and zero-day threats. Complete findings and methodology can be found online in a new report, titled “Reducing the Threat from Microsoft Vulnerabilities.”

BeyondTrust’s findings show that among the 2008 Microsoft vulnerabilities given a “critical” severity rating, 92 percent shared the same best practice advice from Microsoft to mitigate the vulnerability:

Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This language, found in the “Mitigating Factors” portion of Microsoft’s security bulletins, also appears as a recommendation for reducing the threat from nearly 70 percent of all vulnerabilities reported in 2008.

Figure 1. The vast majority of Microsoft Critical vulnerabilities are mitigated by removing administrator rights.

Figure 2. Over two thirds of all Microsoft vulnerabilities are mitigated by removing administrator rights.

Other key findings from BeyondTrust’s report show that removing administrator rights will better protect companies against the exploitation of:

• 94 percent of Microsoft Office vulnerabilities reported in 2008
• 89 percent of Internet Explorer vulnerabilities reported in 2008
• 53 percent of Microsoft Windows vulnerabilities reported in 2008