Ways to make Windows more secure

Every Microsoft vulnerability discovered in 2014 can be blocked by removing the user's administrator (admin) privileges.

British security company Avecto discovered that 92% of Microsoft vulnerabilities could be eliminated by removing admin privileges in 2013 by researching a patch announcement issued by Microsoft over the past year. In 2014, the number rose 97%.

The report shows that 97% of the data is taken apart. Windows system vulnerabilities are mainly composed of IE vulnerabilities and Office vulnerabilities. The proportion of admin rights mechanisms in these two types of vulnerabilities is 99.5%. And 95%.

Avecto took a very simple approach to investigating whether system permissions were mentioned in Microsoft's official vulnerability bulletin. Such a description: "Those users with lower privilege levels will be less affected than users with admin rights".

Of course, "less impact;" This does not mean that all of these vulnerabilities will be completely harmless after removing the admin rights mechanism. But in many cases it is.

It’s shocking that the number of critical vulnerabilities in Microsoft soared to 240 in 2014, a 63% increase over 2013, which means that Avecto’s report this year may be more convincing to companies. force.

IT organizations need multiple strategies to deal with the sudden increase in the number of dangerous vulnerabilities. According to the Avecto organization, the operating system permissions mechanism preferably does not exist from the beginning.

Generally speaking, you should not give your work computer administrator privileges, although this is easier said than done. Many versions of Windows are running older versions of the application, and in many cases, removing administrator privileges can be inconvenient.

Avecto's head of Europe said that the 2014 report consistently demonstrated the benefits of removing system privileges. Repeated experience shows that removing system privileges is a simple and effective defense strategy, but many companies are not aware of the importance of this.

People have some misunderstandings about passive defense, such as detection technology can provide complete defense. Despite clear evidence that the current strategy is overwhelmed by the changing offensive approach.

Enterprises can use the Defendpoint (formerly Privilege Guard) software to manage system privileges, which provides sandboxing and application control modules.

If the user can not obtain the administrator-level key permissions, the installation program and other operations will effectively control the harm of malicious programs.

Permissions management can solve most advanced network attacks, especially when used in conjunction with other proactive defense strategies. These proactive strategies include application control, patch management, and sandboxing.