aidarrow-end-inversearrow-endcompliancedefendpoint-coloureddefendpoint-thin-2insider-threatsavecto-logo-smallquotation-marksransomwaresafesocial-engineeringtrianglezero-days

94% of critical Microsoft vulnerabilities mitigated by removing admin rights

Two of the early pioneers of Windows privilege management software have joined forces and are calling on organizations to address the continued problem of over privileged users.

Mark Austin, co-founder, and co-CEO at Avecto and Marco Peretti, Avecto’s newly appointed Chief Technology Officer, both started their careers in endpoint security developing the foundations of modern privilege management and application control software in the early 2000s.

Together, Mark and Marco have formed an unparalleled team to drive the future development of endpoint security and demonstrate the significant benefit of least privilege as part of a proactive strategy.  

Mark Austin, said “Both Marco and I have a shared belief that the key to achieving effective endpoint security is to get the foundations right. In the 20 years or so that Marco and I have been working in this industry, organizations are still neglecting the basics and skipping straight to the latest ‘next gen’ solution.

“Privilege management and application control should be the cornerstone of your endpoint security strategy, building up from there to create ever stronger, multiple layers of defense. These measures can have a dramatic impact on your ability to mitigate todays attacks. Times have changed; removing admin rights and controlling applications is no longer difficult to achieve.”

This rallying call comes on the back of the latest Microsoft Vulnerabilities Report from Avecto.

Avecto’s influential research report analyses Microsoft security bulletins released over 2016. This year’s report identified the following highlights:

  • In total, 530 Microsoft vulnerabilities were reported in 2016, with 36% (189) given a critical severity rating. Of these critical vulnerabilities, 94% were found to be mitigated by removing admin rights, up from 85% reported last year.
  • Despite being Microsoft’s newest and ‘most secure’ operating system, Windows 10 was found to have the highest proportion of vulnerabilities of any OS (395), 46% more than Windows 8 and Windows 8.1 (265 each). Avecto’s report found that 93% of Windows 10 vulnerabilities could be mitigated by removing admin rights.
  • 100% of vulnerabilities impacting Internet Explorer could be mitigated by removing admin rights, including 100% of the vulnerabilities affecting the latest browser, Edge.
  • Microsoft Office products were the subject of 79 vulnerabilities, up from 62 last year. This represents a 295% increase in Office vulnerabilities since 2014. Of the 79 vulnerabilities impacting Office, 17 were classed as Critical, meaning that all businesses using the software were potentially vulnerable to attack.

Marco Peretti, Chief Technology Officer at Avecto added: “Once again, it’s clear from this year’s findings just how significant the removal of admin rights is to mitigate the risk of many of the cyber threats we face.

“As a team, Avecto is collectively drawing on years of experience and knowledge to further invest in the capabilities of our Defendpoint software, which uniquely marries together privilege management, application control and content isolation in one solution. It’s our belief that privileged escalation attacks can be a thing of the past, not only on Windows machines, but also on Macs. Technology like Defendpoint makes that possible, but we need the wider community to sit up and take notice.”

The full Microsoft Vulnerabilities Report for 2016 can be downloaded here.