Sign in with
Sign up | Sign in

To Make Windows 7 Safer: Remove Admin Rights

By - Source: Tom's Hardware US | B 5 comments
Tags :

Windows 7 is hard to hack if the user account doesn't have administrator rights.

Windows 7 is the safest and most secure desktop operating system from Microsoft yet, but it's still not impervious to attacks. But according to IT solutions firm BeyondTrust, 90-percent of critical Windows 7 vulnerabilities can be mitigated by the removal of administrator rights from Windows users

Key findings from this report show that removing administrator rights will better protect companies against the exploitation of:

  • 90-percent of critical Windows 7 vulnerabilities reported to date
  • 100-percent of Microsoft Office vulnerabilities reported in 2009
  • 94-percent of Internet Explorer and 100 percent of Internet Explorer 8 vulnerabilities reported in 2009
  • 64-percent of all Microsoft vulnerabilities reported in 2009

The findings aren't earth shattering by any imagination. Even Microsoft shares this best practice advice in the "Mitigating Factors" portion of Microsoft’s security bulletins: "Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."

While most readers of Tom's Hardware may prefer to operate in their Windows 7 environment with admin rights, those in charge of computers for a group or enterprise should without a doubt configure user accounts without administrative rights.

Read more about the report at Ars Technica.

Discuss
Display all 5 comments.
This thread is closed for comments
  • 0 Hide
    excalibur1814 , 2 April 2010 17:57
    Pretty obvious, BUT, the people who are running as admin will read this and STILL not change.

  • 0 Hide
    ss78 , 2 April 2010 19:10
    When I studied IT and MCSE, the tutor told us this and some more things to do to help increase security and this was about 10 years ago!
  • 1 Hide
    flaminggerbil , 2 April 2010 19:34
    excalibur1814Pretty obvious, BUT, the people who are running as admin will read this and STILL not change.

    I'll change this as soon as I get my first virus, until then I canne be fucked with running as a non admin user, too much bother.
  • 0 Hide
    excalibur1814 , 2 April 2010 19:42
    Quote: "When I studied IT and MCSE, the tutor told us this and some more things to do to help increase security and this was about 10 years ago!"

    I would have thought that MS would be pushing this info each day ALONG with pop ups etc. Maybe the next version will automatically setup an admin vs standard user.

    flaminggerbil: True, same here. My g/f is running as a standard admin and she doesn't even notice.
  • 0 Hide
    Anonymous , 3 April 2010 03:26
    Does this mean UAC = fail?