Apply the findings from this year’s report to enhance your organization’s security

Now in its sixth year, the annual Microsoft Vulnerabilities Report provides comprehensive insight into a year’s worth of vulnerability disclosures by Microsoft. We analyzed the aggregate data and then probed deeper into these reported vulnerabilities. The report breaks down the vulnerabilities across key products, and most importantly, reveals how many of them could have easily been mitigated.

2019 Microsoft Vulnerabilities Report: Key Findings

Vulnerabilities have hit yet another record high this year, with a total of 700 disclosed. Of these, 189 were considered critical. Critical vulnerabilities are the most dangerous as they could allow a remote attacker to execute commands on a vulnerable computer and essentially take full control over it. Since this report’s inception in 2013, the number of critical vulnerabilities has risen by 30%.

The good news, however, is that the majority of these critical vulnerabilities (81%) discovered in 2018 could be mitigated by simply removing administrator user rights from Windows endpoints. As we investigated individual Microsoft products more closely, we found similar results:

  • 92% of critical vulnerabilities in the browsers Internet Explorer & Edge could have been mitigated by removing admin rights
  • 85% of critical vulnerabilities in Windows 7, 8.1 and 10 would have been mitigated by removing admin rights
  • 83% of critical vulnerabilities in Windows Servers would have been mitigated by removing admin rights

The updated Microsoft Vulnerabilities Report reinforces the importance of establishing and enforcing least privilege, and applying patches in a timely manner.

Endpoint Privilege Management removes excessive user privileges on Microsoft desktops and servers, without negatively impacting end-user productivity - so why are so many organizations still guilty of giving out admin rights way too often?

A modern, simple solution to reduce your risk

Kip Boyle, CEO of Cyber Risk Opportunities, cites patching applications and restricting administrative privileges as two of the most essential steps toward enhancing IT security.

Quote Image

“If routinely installing critical patches is the digital equivalent of washing your hands after using the toilet, then we collectively have terrible cyber hygiene.”

Kip Boyle, CEO of Cyber Risk Opportunities

While eliminating admin rights can greatly improve security around Microsoft products and reduce the risks from their vulnerabilities, many IT leaders are concerned with how to balance access restrictions with maintaining a positive user experience.

To address this challenge, modern endpoint privilege management solutions can be deployed to dynamically exert granular control over access to applications, tasks, and scripts in a way that makes this balance seamless and the security invisible to the end user. These solutions elevate access as needed for applications—without elevating the user’s actual privileges--to ensure that users are productive and protected.

For more insight, a breakdown of the stats, and exclusive commentary from a number of IT security leaders, download the full Microsoft Vulnerabilities Report today.

Read the report? What can you do next?

As the only analyst-recognized leader in privileged access management AND vulnerability management, BeyondTrust is uniquely positioned to help organizations holistically address privilege-related risks and other vulnerabilities. Contact us to learn how.