Beyondtrust.com published a report, somewhat recently, claiming among other quite compelling things, "90% of Critical Microsoft Windows 7 Vulnerabilities are Mitigated by Eliminating Admin Rights"
Other interesting 'facts' they provide say that these are also mitigated by NOT running as a local admin:
- 100% of Microsoft Office vulnerabilities reported in 2009
- 94% of Internet Explorer and 100% of IE 8 vulnerabilities reported in 2009
BUT, reading the first page or so of the report I saw this line:
A vulnerability is considered mitigated by removing administrator rights if the following sentence is located in the Security Bulletin’s Mitigating Factors section, ―Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
could be sounds pretty weak to me so and I wondered how valid all this really is. I'm NOT trying to say it's not safer to run without admin rights, I think that is well known. I just wonder if these stats are something you would use as ammo in an argument, or use to sell a change like that (removing users as local admins) to business side? Thoughts?
[should this supposed to be a community wiki?]
Yes of course it will protect your system (windows, office etc.). Because regular users don't have editing rights on windows and program files folders (where target files for viruses and exploits stored in). All that viruses and exploits can do in this case - infect user's profile, which can simply be fixed under Administrator's account by just deleting User's profile or with simple virus scanner.
Yes and no, if you're facing a targeted attack, Even by Microsoft's own admission, Locally Exploitable Privilege escalation flaws are comically easy to find and are published on a semi-regular basis. Furthermore. BEPs (Browser Exploitation Packs, like mPack, Silence, Eleonore) are incorporating things like the #GPtrap handler exploit into their packs as administrators become more savvy.
Denying user's admin access is good, but is far, far, far, from a complete solution.
Without admin rights you don't have access to:
So it is very hard to compromise Windows without access to the above.
As @Dimitry says as a limited users all you can screw up is your own profile... In theory...
I suggest you have a look at Is it normal to give 'users' administrator access to their company PC? for a similar discussion.