Microsoft Vulnerability Management: Here's How To Cut Windows PC Threats By 94%
Endpoint security firm Avecto proposes a weird way to avert vulnerabilities in Microsoft products - turn off administrator rights. The annual vulnerability report from Avecto concluded that there are 530 vulnerabilities in Windows PC recorded in 2016 but 94 percent of them can be mitigated by simply using an account with no admin rights.
Topping the list of apps that can benefit from removing admin rights are Microsoft browsers from Internet Explorer to the newer Edge. While most of the problems are still coming from the internet, 238 known vulnerabilities from IE 6 way up to IE 11 drastically dropped to 109 when there are no admin rights.
Avecto CEO Mark Austin said that it sounds weird not to totally "own" Windows PC due to admin restrictions but the only way out are privilege management and app control. Removing admin rights is no longer difficult to achieve and even users with basic computer sense can get their way around easily, ComputerWorld said.
Austin added that Windows PC owners have false sense of security when upgrading to newer operating system. As with the case of Windows 10, it is actually the most vulnerable among current Microsoft products. In fact, Windows 10 registered a whooping 395 vulnerabilities as opposed to 256 of either Windows 8 or 8.1 version. a
In 2016 alone, hackers were able to breach 79 vulnerabilities in Windows 10. Other Microsoft applications like Office 2010, 2013 and 2016 versions are also susceptible to data stealing. Good news for Office 365 owners though, because there is no known attack that specifically targets the latest productivity suite.
Ironically, Avecto also proposes that removing admin rights is also a way to protect Windows Server. Admin rights are necessary when using Server 2008, 2012 and 2016 but 90 percent of potential problems can be averted by turning off admin privilege.
Come to think of it, Avecto is actually issuing the "admin rights" solution every year since they discovered the workaround. Sadly, the affected number of Windows devices are also growing every year which concludes that these warnings are falling on deaf ears.