Wednesday, February 04, 2009

Go Figure Removing Admin Rights Cuts Windows Bugs

I usually enjoy reading my news at ComputerWorld but yesterday's article "Removing admin rights stymies 92% of Microsoft's bugs" almost put me into hysterics. Anyone who knows anything about operating systems should know that you "shouldn't" run day to day on your administrator account. That running full time with administrative privileges opens the door to a posbile devistating attack.

However ComputerWorld and BeyondTrust felt the need to tell us again. Sorry guys but the entire article wrecked of nothing more than advertisement for BeyondTrust which, go figure, develops enterprise level software for the removal of admin rights.

The article says, "The vast majority of critical Microsoft vulnerabilities -- 92% of them -- could have been mitigated by stripping users of administrative rights John Moyer, the CEO of BeyondTrust." Heck I could have told you that. The majority of issues users face like malware, spyware ect are made worse by those running their systems with admin privileges.

Running day to day task on your administrator account leaves the door open for malware, spyware, worms and trojans. Should you be hit with a piece of malicious software under the admin account it is granted full access to your computer. If you are running under a general account not only will you be less likely to be infected because you are running the with the smallest set of privileges needed to perform tasks, but you'd also be less likely to install the software to begin with as general accounts don't typically allow software changes.

We really didn't need BeyondTrust to tell us that using the admin account makes you more vulnerable, Microsoft themselves have told user that for years. I will admit though that the numbers they report are higher than I'd have expected.

Of the 154 bugs published and patched by Microsoft in 2008, critical or not, 69% would have been blocked or their impact reduced by configuring users to run without administrative rights, said the company.

When BeyondTrust looked at the vulnerabilities patched for Microsoft's browser, Internet Explorer (IE), and its application suite, Office, it found that 89% of the former and 94% of the latter could have been stymied by denying users administrative privileges.
Those are pretty astonishing numbers, and yet another reason Microsoft users should get use to using none admin accounts. I personally never will, so I don't practice what I preach. Then again I'm not the average computer user and tend to practice safer surfing and computing habits than most.

No comments:

Post a Comment

All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.

Thank you