Arellia Finds That Over 50% of Microsoft, Adobe, and Mozilla Software Vulnerabilities are Mitigated by Privilege Management in 2012
February 1, 2013 – Salt Lake City, Utah
Arellia, a leader in privilege management solutions, has analyzed software vulnerabilities disclosed in 2012 from Microsoft, Adobe, and Mozilla to find that the majority of vulnerabilities were impacted by the privileges of the running user.
- Microsoft: 50.6%
- Adobe: 78.4%
- Mozilla: 61.2%
Mitigating vulnerabilities affected by privilege is defined by Microsoft as, “An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.” Arellia found similar mitigations with Adobe and Mozilla.
In analyzing the effectiveness of different privilege levels, Arellia found improvements in vulnerability protection when using Standard User accounts versus Administrator accounts. The best security was achieved when commonly exploited applications had privileges removed using Arellia Application Control Solution. With this approach, applications were protected whether run by an administrator or standard user account.
“With the long lifecycle of zero-day vulnerabilities and increased advanced persistent threats, organizations need to included removing end user and application privileges with their endpoint security strategy,” said Stephen Brown, president of Arellia. “Arellia’s research proves that moving to a least privilege model provides strong protection against known and unknown software vulnerabilities.”
For details on Arellia’s research, download the whitepaper Mitigating Vulnerability Exploits with Privilege Management.
Arellia is a leader is protecting enterprise Windows systems from advanced insider and external security threats through privilege management, application whitelisting, administrator rights management, and security configuration assessment and remediation. With Arellia solutions, organizations can
- Protect against advanced persistent threats
- Prevent insider abuse
- Reduce operating costs
- Maintain regulatory compliance
Arellia solutions have protected over 1 million Windows systems for global Fortune 500, government, and security-focused organizations since 2006. Arellia is headquartered in American Fork, Utah with regional offices in Australia and Germany. To learn how you can improve the security of your Windows systems, visit us at http://www.arellia.com.