3 February 2009
Practice of Least Privilege Management Against Microsoft Vulnerabilities
Dear Francis,
February 3, 2009
- BeyondTrust Corporation, the first provider of Least Privilege Management solutions, today published research findings stating that the removal of administrator rights from Windows users is a mitigating factor for the vast majority of all Microsoft software vulnerabilities reported by Microsoft in 2008. The results demonstrate that by configuring users as standard users, companies can better protect themselves against malware and zero-day threats.
Quick Links
Join our Mailing List!
Reducing the Threat from Microsoft Vulnerabilities:
92% of Critical Vulnerabilities can be Mitigated by Removing Admin Rights 
BeyondTrust's findings show that among the 2008 Microsoft vulnerabilities given a "critical" severity rating, 92 percent shared the same best practice advice from Microsoft to mitigate the vulnerability: "Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights." This language, found in the "Mitigating Factors" portion of Microsoft's security bulletins, also appears as a recommendation for reducing the threat from nearly 70 percent of all vulnerabilities reported in 2008.

Other key findings from BeyondTrust's report show that removing administrator rights will better protect companies against the exploitation of: 
  • 94 percent of Microsoft Office vulnerabilities reported in 2008
  • 89 percent of Internet Explorer vulnerabilities reported in 2008
  • 53 percent of Microsoft Windows vulnerabilities reported in 2008
Further illustrating the benefits to enterprises of removing administrator rights from users, a recent Gartner report states, "The Gartner TCO model shows a significant reduction in TCO between a managed desktop where the user is an administrator, compared with a desktop where the user is a standard user. Among the most remarkable observations is that the model shows a 24 percent decrease in the amount of IT labor needed for technical support." Gartner, Inc., "Organizations That Unlock PCs Unnecessarily Will Face High Costs," Michael A. Silver, Ronni J. Colville, Dec.19, 2008.

"Companies face imminent danger from zero-day threats as new vulnerabilities continually crop up while patching efforts lag behind, and even worse, many threats exist undetected," said John Moyer, CEO of BeyondTrust. "Our findings reflect the critical role that restricting administrator rights plays in protecting against these types of threats. This is achievable in one simple step - adopting a strategy of Least Privilege security. BeyondTrust has helped over 500 companies equip their end users with those privileges needed to do their jobs, while protecting against zero-day threats and reducing risk."

To learn more, download the complete BeyondTrust report here, Reducing the Threat from Microsoft Vulnerabilities, and sign up for a webinar below.
Join members of the BeyondTrust team for an educational and informative Webinar to learn how to eliminate admin rights across your entire enterprise and still allow users to do their jobs without interruption. During this Webinar you'll learn how to:
(1) Increase network security
(2) Decrease desktop support costs
(3) Eliminate admin rights, while allowing standard users to:
  • Run authorized applications that require administrator rights
  • Install approved software
  • Add local printers
  • Install ActiveX controls
Attend a webinar to learn more about Beyond Trust Privilege Manager. For the registration of the webinar, please click the link below:

Wednesday, February 11, 2009 2:00pm - 2:45pm EST

If you have any questions, please don't hesitate to contact us at 2556-2162 or through email: sales@ppn.com.hk.


PPN - Marketing
Safe Unsubscribe
This email was sent to francisfung@ppn.com.hk by marketing@ppn.com.hk.
Pacific Professional Network | Unit 2105, Fortress Tower, | 250 King's Road, | North Point, | Hong Kong | Hong Kong