infographic
The report finds that removing
admin rights from endpoints
would mitigate 77% of all critical
Microsoft vulnerabilities
from last year.
BEYONDTRUST RESEARCH FINDS
77% OF CRITICAL MICROSOFT
VULNERABILITIES CAN BE MITIGATED
BeyondTrust, a worldwide
technology leader in Privileged
Access Management, has announced
the release of its Microsoft
Vulnerabilities Report. The research
provides the latest annual breakdown
into security vulnerabilities facing
organisations today, as well as a fiveyear
trends analysis to better equip
organisations to increase their IT
security posture and keep networks
and systems safe.
Now in its seventh edition, this
year’s report identified the
following highlights:
• In 2019, a record-high number
of 858 Microsoft vulnerabilities
was discovered
• The number of reported
vulnerabilities has risen 64% in
the last five years (2015–2019)
• 100% of critical vulnerabilities
in Internet Explorer would have
been mitigated by removing
admin rights
• 100% of critical vulnerabilities
in Microsoft Edge would have
been mitigated by removing
admin rights
• 80% of critical vulnerabilities
affecting Windows 7, 8.1 and 10
would have been mitigated by
removing admin rights
• 80% of critical vulnerabilities
affecting Windows Servers would
have been mitigated by removing
admin rights
Further analysis indicates that on
average over the last five years, 83%
of all critical vulnerabilities published
by Microsoft could have been
mitigated by security teams removing
admin rights from users.
“Removing admin rights is not
just about security,” said Sami
Laiho, Microsoft MVP and Ethical
Hacker. “Removing admin rights
will also allow your computers to
run faster, better and longer, with less
reinstallations. My larger customers have
measured a 75% reduction in the amount
of help desk tickets after removing
admin rights, resulting in a more secure
and productive environment for extended
periods of time.”
“The rate at which vulnerabilities are
increasing is a significant concern for
organisations committed to protecting
their networks from data breaches,” said
Morey Haber, Chief Technology Officer
and Chief Information Security Officer at
BeyondTrust. “Recent global events have
highlighted the critical need to continue
to focus on information security. The
ability to remove admin rights and
control applications is no longer difficult
to achieve and least privilege should
always be considered as part of a
proactive security strategy.” u
22 Issue 25 | www.intelligentciso.com