Chimpytech

  • Home
  • MS Office
    • Office 2013
    • Office 2007 / 2010
    • Office 2003
  • Windows
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows Vista
    • Windows XP
  • Apple iOS & Mac OS
  • Security
  • Miscellaneous
  • Blog
  • Ad-Blockers

Don’t Run As ‘Administrator’

March 12, 2014
It’s an unfortunate fact that since Microsoft really introduced the concept of User Accounts in Windows 95, the default user level has been that of ‘Administrator’.

While this is nice and convenient for the user, (and as the saying goes “Convenience is the enemy of security”) it also throws up a bunch of potential security problems.

  • In a multi-user environment anyone with ‘Admin rights’ can see everything that any other use does, and has access to everyone elses documents, with the obvious resulting problems with privacy and confidentiality.
  • Those with Admin rights can change fundamental settings on the computer such as Date and time, and can have full access to the computers registry, they are also able to disable and re-enable security software.
  • Having Admin rights also means that a user is allowed to add and remove hardware devices such as printers, webcams, and other devices such as memory sticks that can be a potential security hazard (see our article here for instructions on how to disable USB memory devices)
  • But eclipsing all these potential pitfalls is that running as an Administrator will leave you vulnerable to far more Malware infections than if you were running as a standard user
This is because by running as a Standard user, the ability to install programs and alter the PC’s registry is highly restricted, two things that any malware needs to do to ensure that it is both installed correctly, and hidden from the user so that it can get on with its dastardly work.

In an Avecto report published in February 2014 analysing the 147 security patches released by Microsoft in 2013, the following statistics are mentioned.

  • 92% were blocked by removing administrator rights.
  • 96% of critical vulnerabilities affecting the Windows operating system, were mitigated by removing admin rights.
  • 100% of the vulnerabilities affecting IE were mitigated by removing admin rights.
  • 91% of vulnerabilities affecting Microsoft Office would be blocked by removing admin rights
  • 100%, all of the critical remote code execution vulnerabilities, were mitigated by removing admin rights
  • 80% of critical information disclosure vulnerabilities mitigated by removing admin rights.

If that’s not compelling advice to make sure you only run your system as a limited user we don’t know what is!

Updated: March 13, 2014 at 12:04 am
Tags: Administrator Account, Limited User Account, Microsoft Windows Security, Run As Administrator
◀ Stay secure when using Wi-Fi Hotspots
Safely Use Windows XP After April 8th 2014 ▶

Request an Article

Have an idea for an article or tutorial? Why not let us know, we will try to write it up for you. Click Here to go to our requests / feedback page

Social Media

Get all the latest news and updates immediately! Follow us on Twitter.
Follow @techychimp
Or




Please visit our sister site at www.cyclinglabs.net