Peaches Posted February 4, 2009 Report Share Posted February 4, 2009 Removing admin rights stymies 92% of Microsoft's bugsBulk of IE's bugs in '08 could have been blocked, says vendorBy Gregg Keizer February 3, 2009 (Computerworld) "Nine of out 10 critical bugs reported by Microsoft last year could have been made moot, or at least made less dangerous, if people ran Windows without administrative rights, a developer of enterprise rights management software claimed today. BeyondTrust Corp., which touts its Privilege Manager as a way for companies to lock down PCs, tallied the individual vulnerabilities that Microsoft disclosed in 2008, then examined each accompanying security bulletin. If the bulletin's "Mitigating Factors" section, the part that spells out how to lessen the risk of attack or eliminate it entirely, said that users with fewer rights "could be less impacted than users who operate with administrative rights," BeyondTrust counted the bug. The vast majority of critical Microsoft vulnerabilities -- 92% of them -- could have been mitigated by stripping users of administrative rights, said John Moyer, the CEO of BeyondTrust. "This speaks to what enterprises should be doing," Moyer said. "Clearly, eliminating administrative rights can close the window of opportunity of attack." Story: http://www.computerworld.com/action/articl...p;intsrc=kc_top and here: http://www.darkreading.com/security/vulner...ies+and+threats Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.