In BeyondTrust report on bugs in Microsoft software is noted that among 189 critical vulnerabilities that were reported in 2019, 81% could be addresses by taking away from users rights of local administrators.This is persuading argument in favor of following minimal privileges.
“Least privileged access continues to be the way forward – we know with certainty that the removal of admin rights is one of the leading mitigating factors in keeping our networks and systems safe in the face of accelerating vulnerability disclosures”, – said Kenneth Holley, Founder & CEO at Information Systems Integration.
Between 2013 and 2018, number of vulnerabilities in Microsoft solutions increased by 110%, totally in 2018 were discovered about 700 vulnerabilities in products of this technical giant.
In the last six years part of vulnerabilities that were classified as “critical”, also grew – by 29%. Main part of the issues, detected in 2018, accounted for bugs of remote code performance (292 vulnerabilities), 197 were characterized as “critical” (61%).
Last year on Windows Vista, Windows 7, Windows RT, Windows 8/8.1 and Windows 10 platforms were discovered 499 vulnerabilities, 169 of them were evaluated as “critical”. Similar number of problems was found in Windows Server (30% consisted critical vulnerabilities).
Despite Microsoft Edge is relatively new browser, number of detected in it vulnerabilities (112) three times exceeds this indicator for Internet Explorer (39), noted in the report. Its authors also indicate that in two years number of bugs in Edge surged six times. Moreover, in six years grew number of vulnerabilities in Microsoft Office (by 121%).
By the result of analysis authors of the report conclude that major part of critical vulnerabilities from official security bulletins can be eliminated, simply switching off administrator’s rights. However, contradiction between security and productivity is often a predicament that prevents organizations from deleting local admins rights for all users.
For resolving this problem, BeyondTrust developed solutions for management of privileges that can be deployed for dynamic provision of control over access to applications, tasks and scenarios, with making this balance transparent, and security – invisible for the final user.
“Elevate access for applications without elevating the user’s actual privileges. This ensures that users are productive and protected. Remove Local Admin Rights and Eliminate 81% of Microsoft Vulnerabilities”, — recommends BeyondTrust.