aidarrow-end-inversearrow-endcompliancedefendpoint-coloureddefendpoint-thin-2insider-threatsavecto-logo-smallquotation-marksransomwaresafesocial-engineeringtrianglezero-days

Page 01 Download the article

Introduction

In the era of next-gen technology it's the often-forgotten basics that provide the best foundations.

By reducing the attack surface and building secure defensible endpoints you'll be in a far better position to stop cyber attacks and keep your data safe.

The 2016 Microsoft Vulnerabilities Report from Avecto provides an important reminder to organizations that we cannot ignore the simple things.

It's a common perception that migrating to the latest operating system will improve security, but in isolation this is not enough to reduce the risk of attack.

Despite Microsoft stating it's "designed to be the most secure Windows ever", Windows 10 had the highest proportion of vulnerabilities (395) compared to any other OS.

And it's a similar story with Microsoft Edge. This is Microsoft's newest and supposedly "safer" browser, yet there were 111 vulnerabilities in 2016. Admittedly, the various versions of Internet Explorer only fared slightly better with a total of 109 vulnerabilities but it will probably still surprise many to learn that Edge is a bigger security issue for those not employing least privilege.

The good news? Removing admin rights could mitigate the risk associated with 100% of these vulnerabilities across both Microsoft browsers.

Microsoft MVP and ethical hacker Sami Laiho agrees with this approach: "The only way to block system wide access to malware is to prevent yourself from accidentally doing it - this is achieved only by limiting the use of administrative accounts.

"Reactive solutions like anti-malware or blacklisting are both technically and mathematically impossible to work anymore.

They have to add 300,000 new lines to their ruleset, while proactive solutions like whitelisting only require approximately one addition per month. I would go for whitelisting."

And our report provided plenty more compelling reasons for doing so. Not least that 94% of critical Microsoft Vulnerabilities can be mitigated by removing admin rights, up from 85% last year.

There were 530 vulnerabilities in total last year, 189 of these were critical. By comparison, take a look back to 2013, the year of our first report, and we saw 325 vulnerabilities, 147 of which were critical.

The benefits of removing admin rights should be clear. However, for some, the reluctance to introduce least privilege across a corporation will be down to the perceived to be difficult of doing so, as well as a belief that it will put up barriers and impact the productivity of the end user.