To Make Windows 7 Safer: Remove Admin Rights

Windows 7 is the safest and most secure desktop operating system from Microsoft yet, but it's still not impervious to attacks. But according to IT solutions firm BeyondTrust, 90-percent of critical Windows 7 vulnerabilities can be mitigated by the removal of administrator rights from Windows users

Key findings from this report show that removing administrator rights will better protect companies against the exploitation of:

  • 90-percent of critical Windows 7 vulnerabilities reported to date
  • 100-percent of Microsoft Office vulnerabilities reported in 2009
  • 94-percent of Internet Explorer and 100 percent of Internet Explorer 8 vulnerabilities reported in 2009
  • 64-percent of all Microsoft vulnerabilities reported in 2009

The findings aren't earth shattering by any imagination. Even Microsoft shares this best practice advice in the "Mitigating Factors" portion of Microsoft’s security bulletins: "Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."

While most readers of Tom's Hardware may prefer to operate in their Windows 7 environment with admin rights, those in charge of computers for a group or enterprise should without a doubt configure user accounts without administrative rights.

Read more about the report at Ars Technica.

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
34 comments
Comment from the forums
    Your comment
    Top Comments
  • Anonymous
    wait i thought this was a no brainer...
    17
  • saint19
    In other words, don't disable the UAC.
    12
  • XD_dued
    So instead of malware disabling the abilities of my computer, I should disable them?
    12
  • Other Comments
  • saint19
    In other words, don't disable the UAC.
    12
  • XD_dued
    So instead of malware disabling the abilities of my computer, I should disable them?
    12
  • Rancifer7
    As long as the effected users aren't installing things, or editing certain types of files, its fine...
    4