The key finding in the
report by BeyondTrust on Microsoft's operating system and Office paints an unambiguous picture that LUA is the best defense to protect your machine:
Key findings from this report show that removing administrator rights will better protect companies against the exploitation of:
• 90% of Critical Windows 7 vulnerabilities reported to date
• 100% of Microsoft Office vulnerabilities reported in 2009
• 94% of Internet Explorer and 100% of IE 8 vulnerabilities reported in 2009
• 64% of all Microsoft vulnerabilities reported in 2009
This graph taken from the
report shows the impressive protection offer by LUA in various Microsoft operating systems:
It is worth repeating the conclusion of this report here:
This report demonstrates the critical role that restricting administrator rights plays in protecting against vulnerabilities. It is important to note that this increased protection is achievable in one simple step without any impact on productivity — by implementing a desktop Privilege Identity Management solution. As companies roll out Windows 7 they need to include plans to implement a desktop Privilege Identity Management solution in order to reduce the severity or prevent the exploitation of undiscovered or unpatched vulnerabilities and to ensure that their users can operate effectively without administrator rights.
One should also not to lose sight of the potential remaining vulnerabilities that allow
malicious code to attack the users using the user account's privileges.
No comments:
Post a Comment