Block admin rights to avoid MS flaws, report

In dealing with endpoint security, IT administrators are skipping the basics at their peril, according to a newly released Avecto report [PDF, registration required].

The fact is, 94 percent of critical Microsoft vulnerabilities would be mitigated merely by removing admin rights, the study determined.

Avecto's "2016 Microsoft Vulnerabilities Study," the company's yearly research report that examines Microsoft security bulletins released over the year, found that 530 Microsoft vulnerabilities were reported in 2016. Of these, 36 percent (189) were ranked critical. The vast majority of these, 94 percent, could be mitigated simply by removing admin rights, up from 85 percent found last year, a solution that Avecto has been advising for several years. The argument is that some users will be miffed that their access to some functions, such as updating software, has been curtailed, but restricting admin rights would certainly work for the greater good of enterprise security.

The study further determined that despite Microsoft's touting of its latest OS as its "most secure," Windows 10 had the highest proportion of vulnerabilities of any OS (395), a 46 percent jump from Windows 8 and Windows 8.1 (265 each). Here too the Avecto study found that the majority of Windows 10 vulnerabilities (93 percent) could be mitigated by removing admin rights.

In addition, the entirety of bugs affecting the Internet Explorer browser could be mitigated by removing admin rights, including 100 percent of the vulnerabilities affecting the latest browser, Edge.

As for Microsoft's popular Office suite of software, 79 vulnerabilities were addressed in 2016, up from 62 in 2015. But this was nearly a 300 percent increase in bugs since 2014, particularly significant when considering that 79 of these bugs were ranked as critical, potentially opening up businesses to attack.

While the percentage of vulnerabilities mitigated by removing admin rights increased in 2016, the study said the rate has remained fairly steady over the past four years. However, vulnerabilities have risen sharply, increasing the challenge for organizations to keep up with patches.

Attack strategies are also evolving, growing more sophisticated and zeroing in on particular targets while getting better at hiding their tracks, the study found.

"Privilege management and application control should be the cornerstone of your endpoint security strategy, building up from there to create ever stronger, multiple layers of defense," Mark Austin, co-founder and co-CEO at Avecto, said in a statement following the report's release. "These measures can have a dramatic impact on your ability to mitigate today's attacks. Times have changed; removing admin rights and controlling applications is no longer difficult to achieve."
