A site devoted to discussing techniques that promote quality and ethical practices in software development.

Tuesday, March 30, 2010

The figures are in - LUA is the best defence against attacks

The key finding in the report by BeyondTrust on Microsoft's operating system and Office paints an unambiguous picture that LUA is the best defense to protect your machine:
Key findings from this report show that removing administrator rights will better protect companies against the exploitation of:
• 90% of Critical Windows 7 vulnerabilities reported to date
• 100% of Microsoft Office vulnerabilities reported in 2009
• 94% of Internet Explorer and 100% of IE 8 vulnerabilities reported in 2009
• 64% of all Microsoft vulnerabilities reported in 2009
This graph taken from the report shows the impressive protection offer by LUA in various Microsoft operating systems:
It is worth repeating the conclusion of this report here:
This report demonstrates the critical role that restricting administrator rights plays in protecting against vulnerabilities. It is important to note that this increased protection is achievable in one simple step without any impact on productivity — by implementing a desktop Privilege Identity Management solution. As companies roll out Windows 7 they need to include plans to implement a desktop Privilege Identity Management solution in order to reduce the severity or prevent the exploitation of undiscovered or unpatched vulnerabilities and to ensure that their users can operate effectively without administrator rights.
One should also not to lose sight of the potential remaining vulnerabilities that allow malicious code to attack the users using the user account's privileges.

No comments:

Blog Archive