Results 1 to 8 of 8

Thread: Windows 7 - More Secure Without Admin Rights

  1. #1
    Join Date
    Feb 2010
    Posts
    592

    Windows 7 - More Secure Without Admin Rights

    What seems difficult to truism, was now occupied by an analysis: Working with Windows 7 users without administrative rights, will remain 90 percent of all attacks on Windows vulnerabilities ineffective. In the case of Microsoft Office is as high as 100 percent.

    According to a report of the IT security product manufacturer Beyond Trust, a majority of security problems in Microsoft products by the removal of administrative rights are restricted. Beyond Trust in 2009 looked at all of Microsoft security bulletins released for Windows, Office and Internet Explorer. The results were clear: 64 percent of all security breaches could not be used if the current user has no admin powers.

    For Windows 7, so 90 percent of a critical security gaps be countered, in the case of Office and Internet Explorer 8 is as high as 100 percent. The fact that Windows 7 is a total secure than Windows XP, for example, is also clear from the report: In Windows XP can be achieved by the withdrawal of administrative privileges to only 62 percent of the attacks to prevent security breaches. Also interesting is the high value of 87 percent in relation to remote code execution. For this elite class among the attacks - the attacker can execute thereby allow arbitrary code on the victim's PC - had only 13 percent of all cases of success, the admin rights were revoked. Overall, stay more than four in five (81 percent) of all in 2009 are considered critical vulnerabilities without effect if the user works with normal user rights.

  2. #2
    Join Date
    Feb 2010
    Posts
    531

    Re: Windows 7 - More Secure Without Admin Rights

    Although it is not a zero-day exploits is, is against the already grown a little herb: These figures show how important the correct allocation of user rights. Indeed almost no companies on Patch Tuesday security updates provided immediately installed on the workstations. Once attackers have figured out but sometimes within hours of posting the updates in reverse engineering, such as the closed vulnerability to abuse and thus obtain accurate, can be prevented only through the comprehensive protection of PC in the meantime worse. Otherwise, the risk of infection increases considerably during the time between publication and installation of updates. The possible protective measures include the award of matching rights for the user.

  3. #3
    Join Date
    Feb 2010
    Posts
    532

    Re: Windows 7 - More Secure Without Admin Rights

    This one has ever heard so many times that increase the admin rights to safety. Microsoft itself, it was supposed to know. However, I find it really sad that any pre-installed Windows has admin rights. Many users do not even know how to do it surrounded, so you have no admin rights. One could almost say that Micorsoft thereby promoting the spread of malicious software. Sorry.

    Hopefully it will be in Windows 8 better

  4. #4
    Join Date
    Feb 2010
    Posts
    638

    Re: Windows 7 - More Secure Without Admin Rights

    This one has ever heard so many times that increase the admin rights to safety. Microsoft itself, it was supposed to know. However, I find it really sad that any pre-installed Windows has admin rights. Many users do not even know how to do it surrounded, so you have no admin rights. One could almost say that Micorsoft thereby promoting the spread of malicious software. Sorry.
    Which became Windows Vista has been different. Through the User Account Control, the user is working by default with administrative rights, but as a standard user, even if he uses an administrative account. In 7th Edition of the Microsoft-analysis on IT security (SIR), one can also see the impact of this change: is Thus, when comparing the RTM versions of Windows Vista, the infection rate 85.3 percent lower than that of Windows XP and Vista SP1 in order to 61.9 percent below that of Windows XP SP3. The higher the used service pack version that is, the lower the infection rate. Where users who install the service packs, wait for your computer is usually better than users who install any service packs, and also are often cautious when surfing the Internet, when opening attachments and other activities designed to make computers for attacks. And while surfing the web browser-based attacks are on Windows XP-based computer from 56.4 percent of all Microsoft vulnerabilities, while Windows Vista-based computers only 15.5 percent are. I think all this shows very well that we can not wait for Windows vegetables 8th Microsoft takes security very seriously and develops its products consistently in terms of safety.

  5. #5
    Join Date
    Nov 2008
    Posts
    52

    Re: Windows 7 - More Secure Without Admin Rights

    I also think that it is with Vista a lot has improved. Unfortunately, it was by default under 7 again a step back: the standard set (second highest) UAC-level allows a few additional steps, admin actions in code injection to perform without the UAC prompt appears. To set the UAC to the highest level (as with Vista available), run these attacks, however ineffective, and it works really safe and comfortable at the same time. WinXP users I personally can Surun, the UAC-like queries allowed by, and 7 as in Vista with elevated privileges to run certain processes. Even under Vista and Windows 7, the program can add value. (For example, you can start the Control Panel with admin rights to make several settings without UAC prompt;. Under 7 this works but not yet).

  6. #6
    Join Date
    Dec 2008
    Posts
    87

    Re: Windows 7 - More Secure Without Admin Rights

    UAC is really no security barrier, which I had forgotten. And of course has therefore also right there (in theory at least) different ways to work around UAC. Nevertheless, I feel the highest level by UAC to be a lot safer than the default setting in Windows 7. Surun have recommended to me because it makes it easier, at least under XP to work. What ways are there to trick the program (eg race conditions), I can not say. If I understand correctly, the user is, however, at no time even for a short administrator (as opposed to SuDown). (I also must say that my knowledge in system security architecture is only rudimentary.)

  7. #7
    Join Date
    Aug 2006
    Posts
    162

    Re: Windows 7 - More Secure Without Admin Rights

    There is a difference between security feature and Security Boundary. You seem to confuse the two in relation to UAC. The solution, Ubuntu and MacOS is implemented, in my opinion, not better. If both the default account is not in the root group included? I do not have current installations to verify this but to my knowledge are not the simple user. The use of sudo this is its own set of security problems that we have deliberately not implemented in Windows.

  8. #8
    Join Date
    Aug 2006
    Posts
    253

    Re: Windows 7 - More Secure Without Admin Rights

    UAC is not a "security boundary", but permits easier to work as an admin and is Vista-level bypass in spite of everything, or almost certainly far from easy. Or, as expressed by Leo Davidson: UAC in Vista provided a good security layer between admin and non-admin code and user interfaces. UAC was not a security boundary in the strict technical sense but it did do a good job of making it very difficult to cross from one side to the other without user consent. Not for nothing Microsoft integrity levels, the UAC query over a secure desktop etc. is introduced. In my opinion, belong to the split token admin as viruses that can install itself in the Windows directory without further ado, the past. (Sure, it was a standard user on XP no different, but in XP you have not just worked from the outset as a standard user). The standard level of Windows 7, but it also easily allows malicious code to run admin actions without seeming to a UAC prompt. Theoretically, the UAC is also the highest level possible, but that seems to be so complex that up to now in practice or not is hardly turned up - and it shows that MS has done a very good job in this regard. Nevertheless, one should also improve for Windows 8 here, to promote as a standard user really similar to the standard, because "better safe than sorry" (stupid pun, admittedly).

Similar Threads

  1. Windows Server 2008 - Limited Admin Rights
    By Alan Z. Scharf in forum Windows Server Help
    Replies: 4
    Last Post: 26-10-2009, 02:54 AM
  2. No Admin Rights in Windows 7
    By robin45 in forum Operating Systems
    Replies: 3
    Last Post: 12-10-2009, 05:43 PM
  3. domain admin rights
    By Billie in forum Active Directory
    Replies: 4
    Last Post: 21-05-2008, 01:52 AM
  4. local admin rights
    By Leonard in forum Windows Server Help
    Replies: 4
    Last Post: 26-04-2008, 04:55 AM
  5. CMD? Admin rights?
    By a little confused in forum Vista Help
    Replies: 4
    Last Post: 23-03-2008, 02:43 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,715,883.60693 seconds with 17 queries