New
#1
I knew it was a good percentage, but damn!
Source -Taking away the administrative rights from Microsoft Windows 7 users will lessen the risk posed by 90 percent of the critical Windows 7 vulnerabilities reported to date and 100 percent of the Microsoft Office vulnerabilities reported last year.
It will also mitigate the risk of 94 percent of vulnerabilities reported in all versions of Internet Explorer in 2009 and 100 percent of the vulnerabilities reported in Internet Explorer 8 during the same time period.
http://www.darkreading.com/insiderth...01&cid=RSSfeed
To be able to fully access the validity of those findings, one would need to better under exactly who Beyond Trust is (the name does not inspire confidence), and the means that they used to come to these conclusions. Obviously, they do not have access to all data involved, and the sector of data that they do have access to is likely weighted by the nature of those that might have sought help.
Since a great many people are their own administrators, it is obvious that simply being an administrator does not make one infallible. Perhaps this would be more applicable to a business network, with a variety of users involved, but for the majority of us using private computers, these "facts" have little relevance.
EDIT: It would have been more accurate to say that computers would be less vulnerable if there were no people involved at all, but I'm not ready for computers to take over the world.
reports are based on all security bulletins published by Microsoft in 2009 and all reported vulnerabilities of Windows 7 reported to date...
So the results are based on real and legit facts.
Similar article: Report: Windows 7 holes eased by axing admin rights | InSecurity Complex - CNET News
Original BeyondTrust Analyses report: http://www.beyondtrust.com/downloads...y_Analysis.pdf (on pdf format)
Personally, I don't find that the source of the information is MS to be particularly reassuring.
I agree with Seekermeister.
A report from an independent source would be more credulous.
"I am good because I say I am good" does not carry much weight with me.
Just the fact I saw a 100% in there makes me question the validity of the claim, I doubt its truly possible to relieve 100% vulnerabilities with something so simple, If it were true, truly true, Microsoft would have caught it sooner, not that I have much faith in their qc, but I believe them at least competent enough to catch something like that sooner if it were possible.