Windows 7 Is More Secure Without Administrative Rights


We should all know by now that running Windows as a standard user is more secure than running with an administrative account, but exactly how much more secure?

BeyondTrust released a report yesterday with the following findings:

2009 – Percentage of Windows 7 Vulnerabilities Mitigated by Removing Admin Rights

Microsoft Office: 100%
Internet Explorer (All Versions): 94%
Internet Explorer 8: 100%
Remote Code Execution Vulnerabilities: 87%
Critical Vulnerabilities: 81%

In fact, more than half (57%) of the 23 Windows 7 vulnerabilities published to date are mitigated by the removal of admin rights.

And, as expected, we see a similar picture across the whole Windows operating system ecosystem:

[Chart: Windows Vulnerabilities Mitigated by Removal of Admin Rights]

BeyondTrust’s report was based on Microsoft Security Bulletin Summaries for 2009 and Q1 2010, and rated vulnerabilities by Severity Rating, Vulnerability Impact, Affected Software, and the impact of Admin rights on the vulnerability.

While these statistics are fodder for BeyondTrust’s Privilege Identity Management product (which allows users to run applications, ActiveX and processes without admin rights), this should still be food for thought for the rest of us, as well as software developers.

Personally, I have yet to encounter an issue running Windows 7 with admin rights – hopefully you will not be caught out by any unpatched vulnerabilities in the meantime!


I have not found running as a standard user to be that bad in Windows 7 – I get prompted for administrative account credentials when installing software but not much other than that so far. So it is not annoying so far at all, and not that different from being prompted for super user credentials in Ubuntu.

Sources: CNET, BeyondTrust
