1st Half 2013 Microsoft Privilege Vulnerabilities
In the past 6 months Microsoft has released 51 Security Bulletins addressing 121 vulnerabilities. Here’s a breakdown of the bulletins and vulnerabilities. Of the 51 Microsoft Security Bulletins released nearly 1 out of every 3 bulletins had vulnerabilities that could be used to exploit the rights of the logged on user.
|% of Bulletins with privilege exploits||35%|
|% of Vulnerabilities with privilege exploits||34%|
Microsoft classifies the bulletins as critical, important, moderate, and low. Vulnerabilities of critical bulletins mean vulnerabilities can be exploited without the user knowing. Vulnerabilities of important bulletins will provide end users some warnings that the exploit is happening, but these warnings can be easily missed. With the classification in mind 1 out of every 4 bulletins classified as Critical contained a vulnerability that could be used to exploit user privileges.
|% of Critical Bulletins with privilege vulnerability exploits||71%|
|% of Total Bulletins with Critical privilege vulnerability exploits||23.5%|
|% of Important Bulletins with privilege vulnerability exploits||18%|
|% of Total Bulletins with Important privilege vulnerability exploits||11.8%|
As seen, privilege impacts the majority of critical bulletins which have the most exposure to being exploited. Privilege management is the practice of running users and applications with the least privileges needed for their task. Privilege management software can mitigate vulnerabilities by limiting rights for users and applications and thus limit the impact of vulnerabilities where the privilege of the running user determines an exploits impact.
The following table shows the vulnerabilities and bulletins for common Microsoft software where privilege exploitation applies.
|Vulnerabilities with Privilege Exploits||# of Security Bulletins|
The above data is in line with previous years which show that Internet Explorer is the most common Microsoft application that can benefit from privilege management, with Windows Operating Systems and Microsoft Office also having their share of privilege management issues.
Software vulnerabilities will be most dangerous to users and businesses if least privilege management best practices aren’t followed. Those best practices include removing administrative rights from end-users, running applications with lowest privileged, and securing administrator accounts. Privileged management software such as Arellia Application Control Solution and Local Security Solution can reduce the impact of vulnerabilities by securing the rights of applications and users.