April 3, 2010 – 7:54 AM | by Michael Johnson
“100 percent of Microsoft Office flaws and 94 percent of Internet Explorer flaws” are not affective if the user is not an admin, according to a report by BeyondTrust. Ars Technica has an article reviewing this report, with statistics demonstrating what I’ve been suggesting to my customers for years. That many Windows security flaws and vulnerbilities can be avoided by not running as admin or with any account that has administrative privledges.
Although the number of vulnerabilities are lower on a Macintosh, I encourage the same rule on that operating system as well.
When you setup a new computer, the first account created on both Windows and Macintosh is the administrator of the computer. Give that account a very generic name, a strong password, and then don’t use it! Create a second account for your day-to-day operations. Then create a third account for the kids, don’t let them near your data. Of course, creating an account for every one in the family is easy too.
Most people don’t like doing this because when they need to perform some actions, they need to logout of their account, login as admin, and do the administrative stuff. Don’t be lazy! Be safe! Just setup the extra accounts.
Read the Ars Technica article, “90 percent of Windows 7 flaws fixed by removing admin rights” for the details of how safe you could be.
See my previous article, “Don’t operate as Administrator“.
Tags: administrator, Ars Technica, BeyondTrust, Macintosh, Security, Windows