A majority of all the critical Microsoft vulnerabilities discovered and fixed last year can truly end up mitigated by simply removing admin rights, new research found.
There were 530 vulnerabilities affecting Microsoft products reported in 2016, and of these 189 were of critical severity, said researchers at Avecto. Still, 94 percent of them could end up mitigated by removing users’ admin rights. Also, 66 percent of all Microsoft vulnerabilities reported in 2016 could end up mitigated by removing admin rights.
In addition, the research also found:
• Windows 10 ended up affected by 395 vulnerabilities, Windows 8 and 8.1 by 265. Users could mitigate 93 percent of the Windows 10 flaws by removing users’ admin rights.
• 100 percent of vulnerabilities impacting Microsoft Edge and Internet Explorer could end up mitigated by removing admin rights.
• There were 79 vulnerabilities reported vulnerabilities affecting Microsoft Office products (Office 2010, 2013, and 2016, Microsoft Excel, Word, PowerPoint, Visio and Publisher, among others), and of those, 99 percent could end up mitigated by removing admin rights. Also, the same action would mitigate 100 percent of those vulnerabilities in Office 2016, the latest version of the suite.
• 319 vulnerabilities were in the Windows Server OS. Of those, 108 were critical, and 90 percent of those ended up mitigated by the removal of admin rights.
“Times have changed; removing admin rights and controlling applications is no longer difficult to achieve,” said Avecto co-chief executive Mark Austin.
Click here to register to download the report.