INFOGRAPHIC
BeyondTrust research finds 77%
of critical Microsoft vulnerabilities
can be mitigated
The report finds that removing
admin rights from endpoints
would mitigate 77% of all
critical Microsoft vulnerabilities
from last year.
“
80% OF CRITICAL
VULNERABILITIES
AFFECTING
WINDOWS 7, 8.1
AND 10 WOULD
HAVE BEEN
MITIGATED BY
REMOVING ADMIN
RIGHTS.
BeyondTrust, a worldwide technology
leader in Privileged Access
Management, has announced the
release of its Microsoft Vulnerabilities Report.
The research provides the latest annual
breakdown into security vulnerabilities facing
organisations today, as well as a five-year
trends analysis to better equip organisations
to increase their IT security posture and keep
networks and systems safe.
Now in its seventh edition, this year’s report
identified the following highlights:
• In 2019, a record-high number of 858
Microsoft vulnerabilities was discovered
• The number of reported vulnerabilities
has risen 64% in the last five years
(2015–2019)
• 100% of critical vulnerabilities in Internet
Explorer would have been mitigated by
removing admin rights
• 100% of critical vulnerabilities in
Microsoft Edge would have been
mitigated by removing admin rights
• 80% of critical vulnerabilities affecting
Windows 7, 8.1 and 10 would have been
mitigated by removing admin rights
• 80% of critical vulnerabilities affecting
Windows Servers would have been
mitigated by removing admin rights
Further analysis indicates that on average
over the last five years, 83% of all critical
vulnerabilities published by Microsoft could
have been mitigated by security teams
removing admin rights from users.
“Removing admin rights is not just about
security,” said Sami Laiho, Microsoft MVP
and Ethical Hacker. “Removing admin rights
will also allow your computers to run faster,
better and longer, with less reinstallations.
My larger customers have measured a 75%
“
THE RATE
AT WHICH
VULNERABILITIES
ARE INCREASING
IS A SIGNIFICANT
CONCERN FOR
ORGANISATIONS
COMMITTED TO
PROTECTING
THEIR NETWORKS
FROM DATA
BREACHES.
reduction in the amount of help desk tickets
after removing admin rights, resulting in a
more secure and productive environment for
extended periods of time.”
“The rate at which vulnerabilities are
increasing is a significant concern for
organisations committed to protecting their
networks from data breaches,” said Morey
Haber, Chief Technology Officer and Chief
Information Security Officer at BeyondTrust.
“Recent global events have highlighted
the critical need to continue to focus on
information security. The ability to remove
admin rights and control applications is no
longer difficult to achieve and least privilege
should always be considered as part of a
proactive security strategy.” •
30 INTELLIGENTCIO www.intelligentcio.com