Removing admin rights would mitigate most Microsoft flaws, report claims

Removing administrator rights would mitigate 80% of the critical vulnerabilities found in Microsoft products in 2017, the security firm Avecto claims.

And this percentage rose to 95% when one considered only the browsers made by Microsoft, the company said in its annual evaluation of flaws in software made by the Redmond behemoth.

Despite claims being made about improved security in Windows 10, it was found that the number of flaws in this version rose by 64% in 2017. As with all other Microsoft products, removing admin rights would mitigate almost 80% of these flaws.

Avecto makes privilege management and application control software and has been issuing these evaluations since 2013. The figures are all taken from the security bulletins issued by Microsoft throughout the year.

Among the key findings in the latest report was a rise of 111% in the number of reported vulnerabilities over the five-year period (2013 to 2017). Microsoft Office vulnerabilities rose by 89% over the same period.

Avecto found a 54% increase in the number of critical Microsoft vulnerabilities since 2016; that figure was 60% if one took the whole five-year period into account.

The browsers made by Microsoft showed an increase in vulnerabilities since 2013, with Avecto registering a rise of 46%.

Clarifying its findings, Avecto said: "Security vulnerability and update information issued by Microsoft contains a summary with general information regarding that vulnerability.

"For this report, a vulnerability is classed as one that could be mitigated by removing admin rights if the sentence 'Customers/users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights' or 'If the current user is logged on with administrative user rights, an attacker could take control of an affected system' is found within the summary of that specific vulnerability."

In its report, Avecto classifies vulnerabilities into categories: remote code execution, elevation of privilege, information disclosure, denial of service, security feature bypass, spoofing and tampering.
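
The classification rule Avecto describes can be applied to any export of advisory summaries to reproduce this kind of per-product figure. The Python below is an added example, not Avecto's tooling or code from the report; the record field names and sample records are constructed, and reading "Customers/users" as either word is an assumption.

```python
import re
from collections import defaultdict

# The two marker sentences from the report's stated methodology. Reading
# "Customers/users" as "either word" is an assumption of this example.
MARKERS = [re.compile(p) for p in (
    r"(customers|users) whose accounts are configured to have fewer user "
    r"rights on the system could be less impacted than users who operate "
    r"with administrative user rights",
    r"if the current user is logged on with administrative user rights, "
    r"an attacker could take control of an affected system",
)]

def normalise(text):
    """Lower-case and collapse whitespace so line wraps do not break a match."""
    return re.sub(r"\s+", " ", text).strip().lower()

def mitigated_by_removing_admin(summary):
    """True if the summary contains either marker sentence."""
    s = normalise(summary)
    return any(m.search(s) for m in MARKERS)

def mitigation_rates(records, severity="Critical"):
    """Return {product: (mitigable, total, percent)} for one severity level."""
    counts = defaultdict(lambda: [0, 0])
    for r in records:
        if r["severity"] == severity:
            counts[r["product"]][1] += 1
            counts[r["product"]][0] += mitigated_by_removing_admin(r["summary"])
    return {p: (m, t, round(100 * m / t)) for p, (m, t) in counts.items()}

# Constructed records, not real bulletin data; the field names are assumptions.
TAKE_CONTROL = ("If the current user is logged on with administrative user rights, "
                "an attacker could take control of an affected system.")
SAMPLE = [
    {"product": "Product A", "severity": "Critical",
     "summary": "Constructed RCE text. Users whose accounts are configured to have\n"
                "  fewer user rights on the system could be less impacted than users\n"
                "  who operate with administrative user rights."},
    {"product": "Product A", "severity": "Critical",
     "summary": "Constructed text: an attacker could read kernel memory."},
    {"product": "Product B", "severity": "Critical", "summary": TAKE_CONTROL},
    {"product": "Product B", "severity": "Important", "summary": TAKE_CONTROL},
]
```

Because the rule is a literal sentence match, any advisory whose summary is worded differently counts as not mitigable, so the resulting percentages depend on the advisory wording as much as on the flaws themselves.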

In 2017, there were 587 vulnerabilities found across Windows Vista, Windows 7, Windows RT, Windows 8/8.1 and Windows 10.

"This is a record high, coming in 232 vulnerabilities more than last year's report, and marking a 132% increase from five years ago," the report said.

There were 48 critical flaws found in Internet Explorer (versions 8 to 11) in 2017 and 45 of these could have been mitigated by the removal of admin rights.

As far as Edge was concerned, 140 critical vulnerabilities were found in 2017, a rise of 140% since the browser made its debut two years ago. All but six of these could have been mitigated by removing admin rights.

Microsoft Office vulnerabilities also continued to show a year-on-year rise, hitting a record high of 87 in 2017. Critical vulnerabilities had doubled compared to 2013, though the numbers were small – from 6 to 12.

Sixty percent of the vulnerabilities in all Office components (Excel, Word, PowerPoint, Visio, Publisher and others) would have been mitigated by the removal of admin rights.

Windows Server had a total of 501 vulnerabilities in 2017 with Microsoft grading 176 of these as critical. Avecto said 74% could be mitigated by the removal of admin rights. Flaws doubled over the five years from 2013, when 252 were found, with the biggest rise being this year, a 65% increase over the 303 found in 2016.

Commenting on Avecto's findings, Jake Williams, the head of security firm Rendition Infosec, said: "Removing admin rights from your users is one of the most important things you can do to mitigate vulnerabilities. Some organisations believe that user account control will protect them, but attackers know of many methods to silently bypass UAC popups."

Williams, a former member of the NSA's elite Tailored Access Operations hacking unit, added: "Even Microsoft says that UAC is not a security control. By removing administrative rights from your users, you ensure that the attacker cannot take full control of a machine even if a vulnerability is exploited."

The Avecto report is available here as a free download after registration.

Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

 
