Windows 7 is the safest and most secure desktop operating system from Microsoft yet, but it's still not impervious to attacks. But according to IT solutions firm BeyondTrust, 90-percent of critical Windows 7 vulnerabilities can be mitigated by the removal of administrator rights from Windows users
Key findings from this report show that removing administrator rights will better protect companies against the exploitation of:
- 90-percent of critical Windows 7 vulnerabilities reported to date
- 100-percent of Microsoft Office vulnerabilities reported in 2009
- 94-percent of Internet Explorer and 100 percent of Internet Explorer 8 vulnerabilities reported in 2009
- 64-percent of all Microsoft vulnerabilities reported in 2009
The findings aren't earth shattering by any imagination. Even Microsoft shares this best practice advice in the "Mitigating Factors" portion of Microsoft’s security bulletins: "Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."
While most readers of Tom's Hardware may prefer to operate in their Windows 7 environment with admin rights, those in charge of computers for a group or enterprise should without a doubt configure user accounts without administrative rights.
Read more about the report at Ars Technica.
Stay on the Cutting Edge
Join the experts who read Tom's Hardware for the inside track on enthusiast PC tech news — and have for over 25 years. We'll send breaking news and in-depth reviews of CPUs, GPUs, AI, maker hardware and more straight to your inbox.
In other words, don't disable the UAC.Reply
So instead of malware disabling the abilities of my computer, I should disable them?Reply
As long as the effected users aren't installing things, or editing certain types of files, its fine...Reply
Yet another recommendation from the blatantly obvious IT security practices department.Reply
Even XP will be safer if the user have no admin right, the problem is most software require admin rights to run. M$ must have done something about this longtime ago advising software developer to create software which will run even with limited rights.Reply
wait i thought this was a no brainer...Reply
Trying to catch up with Linux, Ubuntu uses the sudo command to gain access. That's what it seems like to me.Reply
Nothing new. Friends of mine have restricted access on the pc's where they work. Its been that way for a long time.Reply
saint19In other words, don't disable the UAC.Running with UAC on and admin turned off?Reply
No way in hell will that ever happen bud. I like to be able to use my OS.
JohnnyLuckyNothing new. Friends of mine have restricted access on the pc's where they work. Its been that way for a long time.I'd bring my own PC to work. If they said no, I'd run their PC and my laptop side by side, doing all work on the laptop and just transferring whatever data I need...
This would be effective for companies especially with those employees that has limited knowledge on PCs. As for me, it would affect my productivity as it would be annoying and frustrating to not be able to control my PC in my own accord.Reply