Now in its third year, the 2015 Microsoft Vulnerabilities Report analyses the data from Security Bulletins issued by Microsoft throughout 2015. Typically issued on the second Tuesday of each month, these “Patch Tuesday” bulletins contain fixes for vulnerabilities affecting Microsoft products. With the launch of Windows 10, this approach changed slightly, with patches being released as soon as they are available.
So what do this year’s findings tell us?
An evolving threat landscape
The pace at which malware is evolving along with the scale of damage it can inflict.. In 12 months, we saw a 52% increase in the number of vulnerabilities reported by Microsoft.
Removing admin rights, the CISOs weapon of choice?
The 2015 Microsoft Vulnerabilities Report once again highlights how a significant number of Critical vulnerabilities could be mitigated by the removal of user admin rights. In total, the risk from 85% of Critical vulnerabilities reported in 2015 could be prevented by simply removing admin rights across the enterprise.
Keeping web-borne threats at bay
The removal of admin rights was once again found to be highly effective in mitigating the threat posed by internet borne malware. A total of 99.5% of vulnerabilities could be managed by the removal of admin rights alone.
Windows 10 is not a security panacea
The launch of Windows 10 in 2015 offered significant improvements in security, however it also offered a fresh target for hackers. Up to 27% of all the vulnerabilities found in 2015 impacted the new OS and of these 82% could be mitigated by removing admin rights.
What can we learn?
The findings from the 2015 Microsoft Vulnerabilities Report act as another wake up call to IT and security teams on power and importance of removing admin rights in an enterprise setting. The research supports the recommendations of respected industry bodies including SANS, The Council on Cyber Security and the Australian Department of Defense, who all list the controlled use of administrative privileges as a fundamental part of their security best practice guidelines.
One of the most effective ways to meet the recommendations of these bodies is to remove administrator rights from users entirely, but give back user flexibility with Privilege Management and Application Control technology that allows all users to function effectively under a standard user account.
Complement this by layering security strategies as part of a defense in depth (DiD) approach. The overlap of these layers of defense aims to ensure that the shortcomings of one security control are covered by another. For example, in the gap between a patch being discovered and applied, Sandboxing technology will trap and contain online threats so that data remains secure.
Download your copy of the report now for the full analysis.
