A security company is reporting that 90% of security flaws in Windows can be prevented by the User running in Standard User mode rather than Administrator mode. That simple little stumbling block means that the script kiddie moves on to a less protected target.
http://www.zdnet.com/article/most-windows-flaws-mitigated-by-removing-admin-rights-says-report/
The full report is here: http://learn.avecto.com/2015-microsoft-vulnerabilities-report
If you want to download the report, Avecto collects information from you. Since the message is pretty basic - - don't run in Administrator mode - - people have to decide if it's worth sharing your information.
http://www.zdnet.com/article/most-windows-flaws-mitigated-by-removing-admin-rights-says-report/
https://www.avecto.com/Most Windows security flaws mitigated by 'removing admin rights'
Almost nine-out-of-ten vulnerabilities targeting Windows last year could have been prevented by removing accounts with administrative rights.
Zack Whittaker
By Zack Whittaker for Zero Day | February 4, 2016 -- 21:55 GMT (13:55 PST) | Topic: Security
Most security vulnerabilities affecting Windows last year could've been mitigated in most cases by removing access to administrator rights, according to a report.
The report, released on Thursday by security firm Avecto said a total of 85 percent of critical flaws affecting the operating system could've been stopped at the gate, and prevented from spreading deep into system files.
Administrator accounts are common among consumer and home PCs, because they give users access to everything on the computer. But malware, when it strikes, also gets the same privileges. That means malware or hackers can modify core Windows files, and steal or destroy data.
Many businesses provide Windows machines with a lower, limited level of access, which reduces the spread of malware or access for hackers.
The report said that removing admin rights could've mitigated more than 99 percent of flaws affecting Internet Explorer, which had a critical-rated flaw almost every month; and mitigated 82 percent of all vulnerabilities affecting Office.
The company analyzed the entire batch of vulnerabilities in Microsoft's monthly security patch update, dubbed Patch Tuesday, to see which flaws would be less impacted whose logged-in accounts "are configured to have fewer user rights on the system."
Out of the entire batch of vulnerabilities reported, 63 percent would be mitigated or unexploitable if admin rights were removed.
The full report is here: http://learn.avecto.com/2015-microsoft-vulnerabilities-report
If you want to download the report, Avecto collects information from you. Since the message is pretty basic - - don't run in Administrator mode - - people have to decide if it's worth sharing your information.
