Improve Windows Security by Removing Admin Rights

A new report suggests that Windows security is far easier than many IT managers realize: simply remove admin control while waiting for monthly patches.

A new survey of Microsoft security vulnerabilities shows that the vast majority of them can be effectively mitigated while users wait for systems managers to apply the software giant's monthly patches.

The third-party report, compiled by privileged access lifecycle management vendor BeyondTrust, claims that the cure for many ills that might befall users of PCs running Microsoft (NASDAQ: MSFT) software is straightforward.

"Key findings from this report show that removing administrator rights will better protect companies," said the study, dubbed BeyondTrust 2009 Microsoft Vulnerability Analysis.

Administrative rights include the authority for someone designated as the system administrator to control what software and hardware can be installed on a user's PC. Often, however, the default setting is to let the user have administrative rights on his or her own PC but, as noted in the report, that can be risky because, for instance, a piece of malware might trick the system to prompt a user with such rights to okay its installation.

"By removing the need to grant administrative rights to end-users, IT departments eliminate what is otherwise the Achilles' heel of the desktop -- end-users with administrative power that can be exploited by malware and malicious intent to change security settings and disable other security solutions," the report said.

Read the rest at eSecurity Planet.

Tags: Windows, security, Microsoft, patches, admin rights

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.