Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Endpoint Management Community Blog

1st Half 2013 Microsoft Privilege Vulnerabilities

Created: 09 Aug 2013
mmurphy7's picture
0 0 Votes
Login to vote

In the past 6 months Microsoft has released 51 Security Bulletins addressing 121 vulnerabilities. Here’s a breakdown of the bulletins and vulnerabilities. Of the 51 Microsoft Security Bulletins released nearly 1 out of every 3 bulletins had vulnerabilities that could be used to exploit the rights of the logged on user.

Bulletins 51
Vulnerabilities 121
% of Bulletins with privilege exploits 35%
% of Vulnerabilities with privilege exploits 34%

Microsoft classifies the bulletins as critical, important, moderate, and low. Vulnerabilities of critical bulletins mean vulnerabilities can be exploited without the user knowing. Vulnerabilities of important bulletins will provide end users some warnings that the exploit is happening, but these warnings can be easily missed. With the classification in mind 1 out of every 4 bulletins classified as Critical contained a vulnerability that could be used to exploit user privileges.

% of Critical Bulletins with privilege vulnerability exploits 71%
% of Total Bulletins with Critical privilege vulnerability exploits 23.5%
% of Important Bulletins with privilege vulnerability exploits 18%
% of Total Bulletins with Important privilege vulnerability exploits 11.8%

As seen, privilege impacts the majority of critical bulletins which have the most exposure to being exploited. Privilege management is the practice of running users and applications with the least privileges needed for their task. Privilege management software can mitigate vulnerabilities by limiting rights for users and applications and thus limit the impact of vulnerabilities where the privilege of the running user determines an exploits impact.

The following table shows the vulnerabilities and bulletins for common Microsoft software where privilege exploitation applies.

  Vulnerabilities with Privilege Exploits # of Security Bulletins
IE 8 16 6
IE 9 15 5
IE 7 15 5
IE 6 15 5
IE 10 14 4
Server 2008 8 5
Vista 8 5
XP 8 5
Server 2003 8 5
7 7 4
Office 6 5
8 5 2
Windows RT 5 2
Server 2012 3 2
SCOM 2 1
Silverlight 1 1
Lync 1 1

The above data is in line with previous years which show that Internet Explorer is the most common Microsoft application that can benefit from privilege management, with Windows Operating Systems and Microsoft Office also having their share of privilege management issues.

Software vulnerabilities will be most dangerous to users and businesses if least privilege management best practices aren’t followed. Those best practices include removing administrative rights from end-users, running applications with lowest privileged, and securing administrator accounts. Privileged management software such as Arellia Application Control Solution and Local Security Solution can reduce the impact of vulnerabilities by securing the rights of applications and users.

Original Article on Arellia.com