BeyondTrust: More than half of Microsoft vulnerabilities solved by removing admin rights

More than half of Microsoft vulnerabilities could be solved by removing admin rights, according to cyber security vendor BeyondTrust.

According to a new report by the vendor, 1,268 Microsoft vulnerabilities were discovered in 2020, a 48 per cent increase, year-on-year. In addition, the number of reported vulnerabilities has risen an astonishing 181 per cent in the last five years.

However, BeyondTrust has claimed that removing admin rights from endpoints would mitigate 56 per cent of all critical Microsoft vulnerabilities in 2020. Delving deeper, 87 per cent of critical vulnerabilities in Internet Explorer and Microsoft Edge would have been mitigated by removing admin rights, the report said.

Around 80 per cent of critical vulnerabilities in all Office products (Excel, Word, PowerPoint, Visio, Publisher, and others) would have been mitigated by removing admin rights, as would have 66 per cent of those affecting Windows Servers.

“The sheer fact that patching must always occur is a cyber security basic,” said Morey Haber, chief technology officer and chief information security officer at BeyondTrust.

“However, deflecting an attack with good cyber security policies like the removal of administrative rights ultimately makes the environment, and home workers, even more secure. And, most importantly, honouring least privilege can buy your organisation time to patch when critical vulnerabilities are published.”

The report comes as BeyondTrust expands its Asia Pacific and Japan footprint, opening an office in Singapore and hiring former BAE Systems executive Nick Turnbull as its regional senior vice president (SVP).

Source