Nine of out 10 critical bugs reported by Microsoft last year could have been made moot, or at least made less dangerous, if people ran Windows without administrative rights, a developer of enterprise rights management software claimed today.
BeyondTrust Corp., which touts its Privilege Manager as a way for companies to lock down PCs, tallied the individual vulnerabilities that Microsoft disclosed in 2008, then examined each accompanying security bulletin. If the bulletin's "Mitigating Factors" section, the part that spells out how to lessen the risk of attack or eliminate it entirely, said that users with fewer rights "could be less impacted than users who operate with administrative rights," BeyondTrust counted the bug.
|