We all should know by now that running Windows as a standard user is more secure than with an Administrative account, but exactly how much more secure?
BeyondTrust released a report yesterday with the following findings:
2009 – Percentage of Windows 7 Vulnerabilities Mitigated by Removing Admin Rights

| Vulnerability category | Mitigated by removing admin rights |
|---|---|
| Internet Explorer (All Versions) | 94% |
| Internet Explorer 8 | 100% |
| Remote Code Execution Vulnerabilities | 87% |
In fact, more than half (57%) of the 23 Windows 7 vulnerabilities published to date are mitigated by the removal of admin rights.
And, as expected, we see a similar picture across the whole Windows operating system ecosystem:
BeyondTrust’s report was based on Microsoft Security Bulletin Summaries for 2009 and Q1 2010, and rated vulnerabilities by Severity Rating, Vulnerability Impact, Affected Software, and the impact of Admin rights on the vulnerability.
While these statistics are fodder for BeyondTrust’s Privilege Identity Management product (which allows users to run applications, ActiveX and processes without admin rights), this should still be food for thought for the rest of us, as well as software developers.
Personally, I have yet to encounter an issue running Windows 7 with admin rights – hopefully you will not be caught out by any unpatched vulnerabilities in the meantime!
I have not found running as a standard user to be that bad in Windows 7 – I get prompted for administrative account credentials when installing software but not much other than that so far. So it is not annoying so far at all, and not that different from being prompted for superuser credentials in Ubuntu.