You already knew this, but stats are interesting…
A study by security vendor BeyondTrust shows that the vast majority of critical vulnerabilities reported last year in Microsoft products are mitigated by not allowing users to run as administrator.
BeyondTrust sells software that assists enterprises in configuring their users to run Windows with least-privilege access.
The study showed:
- 69% of all published vulnerabilities of any severity (106 of 154) could be mitigated by running as a standard user.
- 92% of Microsoft critical vulnerabilities (88 of 96) were mitigated.
- 94% of Microsoft Office vulnerabilities were mitigated.
- 89% of Internet Explorer vulnerabilities were mitigated.
- 53% of Microsoft Windows vulnerabilities were mitigated.