Zero-day Vulnerability in Microsoft Windows: How to Protect Your Organization’s Privileged Accounts

September 11, 2018


Last month, a security researcher reported a vulnerability that impacts privileged accounts in Microsoft Windows environments. The alert stated, “Microsoft Windows task scheduler contains a vulnerability in the handling of ALPC, which can allow a local user to gain SYSTEM privileges.” Specifically, the ALPC zero-day vulnerability allows attackers to gain the admin rights needed to implement their backdoors.

The good news is that Microsoft’s Patch Tuesday release on September 11th will likely correct the issue. But this sort of vulnerability makes you wonder: are you doing everything you can to protect your organization’s privileged accounts?

Eliminating excessive rights on user endpoints is a great first step to close security gaps. After all, 95% of system vulnerabilities on Microsoft Windows systems can be eliminated by removing admin rights. But protecting your organization’s privileged accounts from sophisticated attacks might require an additional layer of protection. For example, if your current security solutions can’t provide visibility into the security risk of the applications targeted for privilege elevation, or worse, if those applications are elevated for use without first determining whether they are safe, you haven’t really protected your organization.

If you’re tackling endpoint privilege management with a bunch of point tools that work in a silo but don’t come together to paint a broader picture of user behavior, then there’s a chance that your organization is still vulnerable. BeyondTrust can help.

PowerBroker for Windows is a privilege management solution that gives you unmatched visibility and control over physical and virtual desktops and servers. With PowerBroker for Windows, you can:

  • Reduce attack surfaces by removing admin rights from end users and employing fine-grained policy controls for all privileged access, without disrupting productivity.
  • Monitor and audit sessions for unauthorized access and/or changes to files and directories.
  • Analyze behavior to detect suspicious user, account and asset activity.

While we anxiously await the patch to fix the Microsoft vulnerability, here are three tips to help protect your organization from future attacks:

  1. Do not allow users to log in with administrator access. Most users need elevated rights for only a handful of applications to perform their job duties. PowerBroker for Windows can easily create a policy that allows these apps to run as expected without giving the user those rights. Without these rights, attackers cannot load malware, move laterally, or infect the system.
  2. Know who in your organization has access to privileged credentials. Understanding which users have access to these credentials and under what conditions is a fundamental component in preventing breaches. PowerBroker Password Safe addresses this need by controlling access to accounts and systems within your network and identifying misuse. You can start by performing a quick discovery scan to find and profile all user and local accounts.
  3. Use effective application control. Controlling which applications are even allowed to execute should be a critical priority in your security model. PowerBroker for Windows includes Application Control as part of its core functionality. Beyond allow listing and block listing, PowerBroker includes vulnerability insights into the application targeted for elevation before granting privileges.

To learn more about how BeyondTrust solutions can help simplify and secure the application of least privilege in your Microsoft environment, contact us today.


Sandi Green, Product Marketing Manager, BeyondTrust

Sandi Green is the Product Marketing Manager for PowerBroker Password Safe, PowerBroker for Windows, and PowerBroker Mac at BeyondTrust. She has over 20 years of sales and solutions marketing experience with technology companies that served a variety of industries ranging from life sciences, human capital management, consumer packaged goods and most recently IT security. When she’s not following the latest trends in Cybersecurity, she’s busy following college football and basketball. Follow her on Twitter at @SandiGreen3.
