Go Back   TechArena Community > Software > Operating Systems
Become a Member!
Forgot your username/password?
Register Tags Active Topics RSS Search Mark Forums Read

Sponsored Links



Windows 7 - More Secure Without Admin Rights

Operating Systems


Reply
 
Thread Tools Search this Thread
  #1  
Old 07-10-2010
Member
 
Join Date: Feb 2010
Posts: 592
Windows 7 - More Secure Without Admin Rights
  

What seems difficult to truism, was now occupied by an analysis: Working with Windows 7 users without administrative rights, will remain 90 percent of all attacks on Windows vulnerabilities ineffective. In the case of Microsoft Office is as high as 100 percent.

According to a report of the IT security product manufacturer Beyond Trust, a majority of security problems in Microsoft products by the removal of administrative rights are restricted. Beyond Trust in 2009 looked at all of Microsoft security bulletins released for Windows, Office and Internet Explorer. The results were clear: 64 percent of all security breaches could not be used if the current user has no admin powers.

For Windows 7, so 90 percent of a critical security gaps be countered, in the case of Office and Internet Explorer 8 is as high as 100 percent. The fact that Windows 7 is a total secure than Windows XP, for example, is also clear from the report: In Windows XP can be achieved by the withdrawal of administrative privileges to only 62 percent of the attacks to prevent security breaches. Also interesting is the high value of 87 percent in relation to remote code execution. For this elite class among the attacks - the attacker can execute thereby allow arbitrary code on the victim's PC - had only 13 percent of all cases of success, the admin rights were revoked. Overall, stay more than four in five (81 percent) of all in 2009 are considered critical vulnerabilities without effect if the user works with normal user rights.

Reply With Quote
  #2  
Old 07-10-2010
Member
 
Join Date: Feb 2010
Posts: 531
Re: Windows 7 - More Secure Without Admin Rights

Although it is not a zero-day exploits is, is against the already grown a little herb: These figures show how important the correct allocation of user rights. Indeed almost no companies on Patch Tuesday security updates provided immediately installed on the workstations. Once attackers have figured out but sometimes within hours of posting the updates in reverse engineering, such as the closed vulnerability to abuse and thus obtain accurate, can be prevented only through the comprehensive protection of PC in the meantime worse. Otherwise, the risk of infection increases considerably during the time between publication and installation of updates. The possible protective measures include the award of matching rights for the user.
Reply With Quote
  #3  
Old 07-10-2010
Member
 
Join Date: Feb 2010
Posts: 532
Re: Windows 7 - More Secure Without Admin Rights

This one has ever heard so many times that increase the admin rights to safety. Microsoft itself, it was supposed to know. However, I find it really sad that any pre-installed Windows has admin rights. Many users do not even know how to do it surrounded, so you have no admin rights. One could almost say that Micorsoft thereby promoting the spread of malicious software. Sorry.

Hopefully it will be in Windows 8 better
Reply With Quote
  #4  
Old 07-10-2010
Member
 
Join Date: Feb 2010
Posts: 638
Re: Windows 7 - More Secure Without Admin Rights

Quote:
This one has ever heard so many times that increase the admin rights to safety. Microsoft itself, it was supposed to know. However, I find it really sad that any pre-installed Windows has admin rights. Many users do not even know how to do it surrounded, so you have no admin rights. One could almost say that Micorsoft thereby promoting the spread of malicious software. Sorry.
Which became Windows Vista has been different. Through the User Account Control, the user is working by default with administrative rights, but as a standard user, even if he uses an administrative account. In 7th Edition of the Microsoft-analysis on IT security (SIR), one can also see the impact of this change: is Thus, when comparing the RTM versions of Windows Vista, the infection rate 85.3 percent lower than that of Windows XP and Vista SP1 in order to 61.9 percent below that of Windows XP SP3. The higher the used service pack version that is, the lower the infection rate. Where users who install the service packs, wait for your computer is usually better than users who install any service packs, and also are often cautious when surfing the Internet, when opening attachments and other activities designed to make computers for attacks. And while surfing the web browser-based attacks are on Windows XP-based computer from 56.4 percent of all Microsoft vulnerabilities, while Windows Vista-based computers only 15.5 percent are. I think all this shows very well that we can not wait for Windows vegetables 8th Microsoft takes security very seriously and develops its products consistently in terms of safety.
Reply With Quote
  #5  
Old 08-02-2011
Member
 
Join Date: Nov 2008
Posts: 52
Re: Windows 7 - More Secure Without Admin Rights

I also think that it is with Vista a lot has improved. Unfortunately, it was by default under 7 again a step back: the standard set (second highest) UAC-level allows a few additional steps, admin actions in code injection to perform without the UAC prompt appears. To set the UAC to the highest level (as with Vista available), run these attacks, however ineffective, and it works really safe and comfortable at the same time. WinXP users I personally can Surun, the UAC-like queries allowed by, and 7 as in Vista with elevated privileges to run certain processes. Even under Vista and Windows 7, the program can add value. (For example, you can start the Control Panel with admin rights to make several settings without UAC prompt;. Under 7 this works but not yet).
Reply With Quote
  #6  
Old 08-02-2011
Member
 
Join Date: Dec 2008
Posts: 87
Re: Windows 7 - More Secure Without Admin Rights

UAC is really no security barrier, which I had forgotten. And of course has therefore also right there (in theory at least) different ways to work around UAC. Nevertheless, I feel the highest level by UAC to be a lot safer than the default setting in Windows 7. Surun have recommended to me because it makes it easier, at least under XP to work. What ways are there to trick the program (eg race conditions), I can not say. If I understand correctly, the user is, however, at no time even for a short administrator (as opposed to SuDown). (I also must say that my knowledge in system security architecture is only rudimentary.)
Reply With Quote
  #7  
Old 14-02-2011
Member
 
Join Date: Aug 2006
Posts: 162
Re: Windows 7 - More Secure Without Admin Rights

There is a difference between security feature and Security Boundary. You seem to confuse the two in relation to UAC. The solution, Ubuntu and MacOS is implemented, in my opinion, not better. If both the default account is not in the root group included? I do not have current installations to verify this but to my knowledge are not the simple user. The use of sudo this is its own set of security problems that we have deliberately not implemented in Windows.
Reply With Quote
  #8  
Old 14-02-2011
Member
 
Join Date: Aug 2006
Posts: 253
Re: Windows 7 - More Secure Without Admin Rights

UAC is not a "security boundary", but permits easier to work as an admin and is Vista-level bypass in spite of everything, or almost certainly far from easy. Or, as expressed by Leo Davidson: UAC in Vista provided a good security layer between admin and non-admin code and user interfaces. UAC was not a security boundary in the strict technical sense but it did do a good job of making it very difficult to cross from one side to the other without user consent. Not for nothing Microsoft integrity levels, the UAC query over a secure desktop etc. is introduced. In my opinion, belong to the split token admin as viruses that can install itself in the Windows directory without further ado, the past. (Sure, it was a standard user on XP no different, but in XP you have not just worked from the outset as a standard user). The standard level of Windows 7, but it also easily allows malicious code to run admin actions without seeming to a UAC prompt. Theoretically, the UAC is also the highest level possible, but that seems to be so complex that up to now in practice or not is hardly turned up - and it shows that MS has done a very good job in this regard. Nevertheless, one should also improve for Windows 8 here, to promote as a standard user really similar to the standard, because "better safe than sorry" (stupid pun, admittedly).
Reply With Quote
Reply

  TechArena Community > Software > Operating Systems
Tags: , , , , ,



Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "Windows 7 - More Secure Without Admin Rights"
Thread Thread Starter Forum Replies Last Post
Windows Server 2008 - Limited Admin Rights Alan Z. Scharf Windows Server Help 4 26-10-2009 02:54 AM
No Admin Rights in Windows 7 robin45 Operating Systems 3 12-10-2009 05:43 PM
domain admin rights Billie Active Directory 4 21-05-2008 01:52 AM
local admin rights Leonard Windows Server Help 4 26-04-2008 04:55 AM
CMD? Admin rights? a little confused Vista Help 4 23-03-2008 02:43 AM


All times are GMT +5.5. The time now is 03:18 PM.