Talking to many people last week about our 2010 Microsoft Vulnerability report, I realized just how much most people in IT underestimate the importance of properly limiting administrative privileges in protecting desktops for vulnerabilities. It’s certainly not because of a reduction in the risk from vulnerabilities. Our survey revealed that in 2009, Microsoft published nearly 75 security bulletins documenting and providing patches for nearly 200 vulnerabilities while in 2010 Microsoft published over 100 security bulletins documenting and providing patches for 256 vulnerabilities.
So in today’s environment good security requires using all possible means to deal with these threats Everyone understands the importance of good patch management and nervously awaits Microsoft’s release on patch Tuesday . Virus protection software is near universally deployed in enterprise and most SMB environments.
So what role does properly limiting administrative privileges play? Well, as important as patches and virus protection are they can’t address increasingly frequent zero day attacks. However, limiting the use of administrative privileges reduces the attack surface for malware and reduces their potential impact until a patch or virus detection signature is available. Our analysis showed that removing administrator rights will better protect companies against 64% of all Microsoft vulnerabilities reported in 2010 and 75% of Critical Windows 7 vulnerabilities reported by Microsoft to date
So if you are worried about the vulnerability of your desktops then use all three pillars of desktop protection – patch management, virus protection and implement a secure least privilege solution.