Analyzing Microsoft's 2016 security reports reveals that 94% of critical vulnerabilities could easily be mitigated

Feb 21, 2017 22:14 GMT

Removing administrator rights could have helped mitigate 94% of all Windows vulnerabilities with a Critical rating, according to a new analysis by global security software company Avecto.

After reviewing all security bulletins issued by Microsoft throughout 2016, Avecto came up with a few key findings that shed some light on the overall security problems of the Windows OS. Over the whole of 2016, 530 vulnerabilities were reported, a small increase over the previous year. The number of Critical vulnerabilities dropped to 189, much better than in 2014, when 240 such problems were reported.

"Remote Code Execution vulnerabilities account for the largest proportion of total Microsoft vulnerabilities. Of these, 70% were classed as Critical. Almost 90% of total RCE vulnerabilities and 94% of Critical RCE vulnerabilities could be mitigated by removal of admin rights," researchers note.

Another vulnerable Microsoft product is Edge, the company's latest browser. A total of 111 vulnerabilities were discovered in the browser, 68 of which were Critical. All of them could be mitigated by the simple removal of admin rights. The same holds for Internet Explorer, for which Microsoft announced 109 vulnerabilities, less than half the previous year's number.

Office products, also vulnerable

Microsoft further reported 79 vulnerabilities in Office products, slightly higher than the 62 from the previous year. The data takes into account problems encountered with Office 2010, Office 2013, Office 2016, Microsoft Excel, Word, PowerPoint, Visio and Publisher, to name a few. Removing admin rights would have mitigated 99% of these vulnerabilities.

As for Windows Server, Microsoft reported 319 vulnerabilities in 2016. Of these, 108 were rated Critical, and 90% of them could have been mitigated by the removal of admin rights.

"Since 2013 the overall number of vulnerabilities has increased significantly, creating a growing challenge for organizations to manage their patching strategies. Attacks are growing ever-more sophisticated, targeted and hard to detect. In 93% of cases, it took attackers minutes or less to compromise systems," reads the report.

Sami Laiho, Windows security expert, advises that in order to prevent insider threats, companies need to start by limiting the administrative rights on endpoints.

“This year’s report reminds us that the latest isn’t always the greatest – as we’ve seen, Windows 10 actually had the highest proportion of vulnerabilities of any operating system. Even with the knowledge that removing admin rights would mitigate 94% of these critical vulnerabilities, businesses are still not making this a basic standard,” Avecto Co-founder and Co-CEO Mark Austin told Softpedia.