Apply the findings from this year’s report to enhance your organization’s security
Now in its sixth year, the annual Microsoft Vulnerabilities Report provides comprehensive insight into a year’s worth of vulnerability disclosures by Microsoft. We analyzed the aggregate data and then probed deeper into these reported vulnerabilities. The report breaks down the vulnerabilities across key products, and most importantly, reveals how many of them could have easily been mitigated.
2019 Microsoft Vulnerabilities Report: Key Findings
Vulnerabilities have hit yet another record high this year, with a total of 700 disclosed. Of these, 189 were considered critical. Critical vulnerabilities are the most dangerous as they could allow a remote attacker to execute commands on a vulnerable computer and essentially take full control over it. Since this report’s inception in 2013, the number of critical vulnerabilities has risen by 30%.
The good news, however, is that the majority of these critical vulnerabilities (81%) discovered in 2018 could be mitigated by simply removing administrator user rights from Windows endpoints. As we investigated individual Microsoft products more closely, we found similar results:
- 92% of critical vulnerabilities in the browsers Internet Explorer & Edge could have been mitigated by removing admin rights
- 85% of critical vulnerabilities in Windows 7, 8.1 and 10 would have been mitigated by removing admin rights
- 83% of critical vulnerabilities in Windows Servers would have been mitigated by removing admin rights
The updated Microsoft Vulnerabilities Report reinforces the importance of establishing and enforcing least privilege, and applying patches in a timely manner.
Endpoint Privilege Management removes excessive user privileges on Microsoft desktops and servers, without negatively impacting end-user productivity - so why are so many organizations still guilty of giving out admin rights way too often?
A modern, simple solution to reduce your risk
Kip Boyle, CEO of Cyber Risk Opportunities, cites patching applications and restricting administrative privileges as two of the most essential steps toward enhancing IT security.