Mitigating Microsoft Patch Tuesday Vulnerabilities

by Mary Rose 5. May 2011 13:33

During Microsoft Patch Tuesdays, there are numerous vulnerabilities involved as outlined in the security bulletin that Microsoft issues during the patch releases.  Firewalls, web filters, anti-spam, NAC, and anti-virus solutions do help to protect against IT security threats and the more layers of security protection a company adds, the more they reduce the risk of a costly and embarrassing IT security breach.  Another very effective method for mitigating vulnerabilities is for companies to remove administrator rights from users.   

“A locked down endpoint is less susceptible to malware that exploits the vulnerabilities that are highlighted every month on Patch Tuesday,” said Dwain Kinghorn, Partner at SageCreek Partners and author of the white paper. 

A review of all the software updates that Microsoft released in 2010 demonstrates that month after month there are vulnerabilities in Windows, Internet Explorer, and Microsoft Office that are mitigated when the user is not running with administrator privileges, specifically:  

  • 9 months in which there was at least one update for Microsoft Windows that addressed issues that were less significant when users didn’t have administrative rights
  • 7 months in which there was at least one update for Internet Explorer that addressed issues that were less significant when users didn’t have administrative rights
  • 11 months in which there were updates for Microsoft Office that addressed issues that were less impacted when users didn’t have administrative rights

Click here to download the full analysis. 

Viewfinity’s Privilege Management balances the rigidity of locking down end points with the needs of user customization. It provides IT security professionals with a method for further securing the end-point by elevating privileges at the application level, or for desktop functions, rather than providing total administrative privileges. Systems are less at risk without sacrificing user productivity or increasing support call volume.

Do you know who has administrator rights on your Windows domain?  If you aren’t sure then download our Local Admin Discovery tool to find out. This tool is provided at no cost to your organization. After the analysis is run, IT Administrators can take action, if needed, by removing the users or suspicious groups from the Administrators group.

Be the first to rate this post

  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Tags: , , , , ,

Administrative Rights | application control | Desktop Lockdown | Patch Management | Security | Security Protection | Viewfinity | Local Admin Discovery Tool

E-mail | Kick it! | DZone it! | del.icio.us
Permalink | Comments (0) | Post RSSRSS comment feed

Comments

Add comment


 

  Country flag

biuquote
  • Comment
  • Preview
Loading



Powered by BlogEngine.NET 1.4.5.0
Theme by Mads Kristensen

Calendar

<<  May 2012  >>
MoTuWeThFrSaSu
30123456
78910111213
14151617181920
21222324252627
28293031123
45678910

View posts in large calendar

About Viewfinity

Viewfinity provides privilege management and application control for desktops, laptops and servers, empowering enterprises to meet compliance mandates, reduce security risks, and lower IT costs. Many enterprises are implementing least privileges to add a solid layer of defense for desktop environments, further protecting against malware and Advanced Persistent Threats. Viewfinity allows IT Administrators to create and enforce default-deny and elevated permission policies for endpoint access to applications and desktop functions by controlling user rights for desktops and mobile laptop/netbook users. For more information, visit www.viewfinity.com.

Follow us on Twitter: viewfinity
Find us on LinkedIn: www.linkedin.com/companies/viewfinity
Become a fan on Facebook: www.viewfinity.com/facebook