A record high of 858 total Microsoft vulnerabilities were discovered in 2019

Report finds that removing admin rights from endpoints would mitigate 77% of all Critical Microsoft vulnerabilities from last year.

  • 4 years ago Posted in
BeyondTrust has released its Microsoft Vulnerabilities Report. The research provides the latest annual breakdown into security vulnerabilities facing organizations today, as well as a five-year trends analysis to better equip organizations to increase their IT security posture and keep networks and systems safe.

Now in its seventh edition, this year’s report identified the following highlights:

  • In 2019, a record-high number of 858 Microsoft vulnerabilities was discovered
  • The number of reported vulnerabilities has risen 64% in the last five years (2015-2019)
  • Removing admin rights from endpoints would mitigate 77% of all Critical Microsoft vulnerabilities in 2019
  • 100% of Critical vulnerabilities in Internet Explorer would have been mitigated by removing admin rights
  • 100% of Critical vulnerabilities in Microsoft Edge would have been mitigated by removing admin rights
  • 80% of Critical vulnerabilities affecting Windows 7, 8.1 and 10 would have been mitigated by removing admin rights
  • 80% of Critical vulnerabilities affecting Windows Servers would have been mitigated by removing admin rights

Further analysis indicates that on average over the last five years 83% of all Critical vulnerabilities published by Microsoft could have been mitigated by security teams removing admin rights from users.

“Removing admin rights is not just about security,” said Sami Laiho, Microsoft MVP and Ethical Hacker. “Removing admin rights will also allow your computers to run faster, better and longer, with less reinstallations. My larger customers have measured a 75% reduction in the amount of help desk tickets after removing admin rights, resulting in a more secure and productive environment for extended periods of time.”

“The rate at which vulnerabilities are increasing is a significant concern for organizations committed to protecting their networks from data breaches,” said Morey Haber, Chief Technology Officer & Chief Information Security Officer at BeyondTrust. “Recent global events have highlighted the critical need to continue to focus on information security. The ability to remove admin rights and control applications is no longer difficult to achieve, and least privilege should always be considered as part of a proactive security strategy.”

Talent and training partner, mthree, which supports major global tech, banking, and business...
On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
Humans may do a lot less of the testing themselves in the future, but they will still have to peer...
JFrog has released the findings of an IDC survey indicating developers are spending significantly...
New research from Mendix finds that low-code tools are no longer simply a tactical solution for...
Global study of over 1,300 tech professionals uncovers opportunities for enhanced security training...
Global IT Business-to-Business (B2B) revenues, coming from data centers, IT services and devices,...
Confluent adds Table API support for Apache Flink® making it even easier for developers to use...