Avecto says critical out-of-band Windows security patch confirms the need for a least privilege approach

Manchester UK and Boston USA, (PresseBox) - Commenting on Microsoft's decision to issue an out-of-band patch for a critical Windows zero-day Windows flaw that allows remote code execution, Avecto says that the flaw is notable because it only affects users logged in when using an Admin(istrator) account.

Mark Austin, CTO of the Windows privilege management specialist, says that the vulnerability could allow remote code execution if a user with local administrator rights runs - or installs - a specially crafted, signed portable executable file on an affected system.

As Microsoft observes in its advisory, if a user is logged on with Admin rights, an attacker who successfully exploits this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; as well as create new accounts with full user rights.

"The risks associated with the MS12-024 WinVerifyTrust vulnerability are significantly reduced when users operate with standard rights, since attackers can only exploit users with higher access rights," he said, adding that the fact that Microsoft issued an out-of-band patch indicates the potential severity of the security flaw.

The most important take-out from this flaw - and the background on the security patch from Redmond - says Austin, is that, again as Microsoft notes: 'users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.'

This is what security professionals call least privilege approach and forms the bedrock of a well managed and secure desktop - which is an approach that is central to Avecto's security strategy. Minimising administrative privileges is an exercise in the principle of least privilege - as in a properly designed, administered and maintained environment there is no requirement for users to have admin privileges on their day-to-day account.

"Although this critical patch is seemingly buried along with a number of updates from Redmond this week, it confirms the reasoning behind our company's advice to clients about the need for a least privilege approach on all aspects of their security."

For more on Avecto: http://www.avecto.com

For more on the MS12-024 WinVerifyTrust security flaw: http://bit.ly/HKn75g

Press releases you might also be interested in

Weitere Informationen zum Thema "Sicherheit":

Öffentliche Sicherheit kontra IT-Sicherheit

Der Ein­satz des “Bun­de­stro­ja­ners”, der Hack des Te­le­gram-Mes­sen­gers und der der­zeit kol­por­tier­te “Hack­back” zei­gen, dass der Staat ge­willt ist zur ver­meint­li­chen Her­stel­lung der Öf­f­ent­li­chen Si­cher­heit - un­ter Zu­hil­fe­nah­me von Schwach­s­tel­len in IT-Pro­duk­ten - zu ha­cken. Je­doch ge­fähr­det er da­mit die IT-Si­cher­heit, nicht nur in Deut­sch­land. Es braucht da­her kla­re Re­geln für den ver­ant­wor­tungs­be­wuss­ten Um­gang des Staa­tes mit Schwach­s­tel­len in IT-Pro­duk­ten.


Subscribe for news

The subscribtion service of the PresseBox informs you about press information of a certain topic by your choice at a choosen time. Please enter your email address to receive the email with the press releases.

An error occurred!

Thank you! You will receive a confirmation email within a few minutes.

I want to subscribe to the gratis press mail and have read and accepted the conditions.