Many of the difficulties with computers that have plagued us over the last few years center on vulnerabilities. Vulnerabilities come in many forms. Without getting too “wonky” most of what we hear about is problems with Windows® and remote code execution vulnerabilities, a recent study has shown that the majority of those issues can be avoided simply by removing administrator rights to the system .
• Taking away the administrative rights from Microsoft Windows 7 users will lessen the risk posed by 90 percent of the critical Windows 7 vulnerabilities reported to date and 100 percent of the Microsoft Office vulnerabilities reported last year.
• It will also mitigate the risk of 94 percent of vulnerabilities reported in all versions of Internet Explorer in 2009 and 100 percent of the vulnerabilities reported in Internet Explorer 8 during the same time period.
• Finally, it will reduce the danger posed by 64 percent of all Microsoft vulnerabilities reported last year.
Some tasks are much more difficult if the logged on user does not have administrative rights such as accepting malware that will infect your computer or redirect data from it without your knowledge. This is desirable.
We often get caught in the paradox of making infrequent tasks easy while we make frequent tasks more vulnerable. Consider the following;
• How often do you check email (frequent?)
• How often do you install a new security update (infrequent?)
If we extend the same concept to that of the proper care and operation of an automobile, we might ask if we need access to the engine compartment every time we operate our car. We really only need that sort of access when we are performing maintenance, right?
In short, the casual user may find that the life and health of their system will be greatly enhanced if they use a standard user account for everyday use and use an administrator account only for the following infrequent types of tasks;
• Install new software
• Updated security software (Anti-Malware, Anti-Virus, Anti-Spyware)
• Update security patches
• Operating System (Windows®, Linux, Mac® OS X, etc.)
• Applications (Word, Outlook, Quickbooks, etc)