A staggering 97% of critical Microsoft vulnerabilities reported over the past year could be mitigated by simply removing admin rights from user accounts, according to new research from security vendor Avecto.
The firm analyzed all the security bulletins released by Redmond during 2014 and found that taking away admin rights would mitigate 80% of all 242 flaws discovered during the period.
The figure rose to 98% for critical vulnerabilities affecting Windows operating systems, 95% for critical Office flaws and 99.5% for vulnerabilities in Internet Explorer, the firm claimed.
Co-founder Paul Kenyon argued that firms need to stop relying on passive detection tools to stay protected against threats which exploit such flaws and instead get more proactive.
“Organizations needn’t be hindered by managing admin privileges, nor should it be an onerous process. Deploying privilege management technology allows organizations to remove admin rights across the business and ensure that employees are able to remain productive,” he told Infosecurity.
“It works by granting permissions directly to approved apps, tasks and scripts – rather than to the users themselves – so that every user can operate successfully under the context of a secure standard user account.”
Privileged user accounts represent a tempting target for cyber-criminals because once exploited they can allow unrestricted access to an endpoint and ultimately into the network.
By targeting these employees attackers have less chance of getting caught and can get to the data they’re after even quicker.
They are also able to change system settings and in so doing introduce more vulnerabilities, according to Avecto.
In related news, change auditing firm Netwrix has launched a new free tool designed to help IT teams monitor privileged accounts and detect insider abuse at an early stage.
The Netwrix Effective Permissions Reporting Tool reports on employee or group permissions for accessing data across Active Directory or file servers, allowing rapid investigation if admins think something might be wrong.
Current employees are the largest single group responsible for security incidents, accounting for 34.5%, according to the PwC Global State of Information Security Survey 2015.