WCAV-WVAW-WAHU | Charlottesville, Virginia | News, Weather & Sports

An Easy Way to Make Your Windows PC a Lot Safer

By: CBS News
By: CBS News

Feb. 25, 2014

CBS MoneyWatch - A new security study confirms something that many security experts already knew: one small change to your Windows settings can make your PC all but invulnerable to critical vulnerabilities.

Compliance and "privilege management" company Avecto has just released its 2013 Microsoft Vulnerabilities Study, and it shows that a staggering 92 percent of all Microsoft vulnerabilities rated as "critical" could be disregarded if you configure your PC so that users didn't have administrator rights.

In Windows XP and earlier, for example, admin rights were bestowed on all users by default. It wasn't until Windows Vista, and then also in Windows 7 and 8, that Microsoft changed the user model to encourage most people to get "standard user" privileges. Along with User Account Control (UAC), a Windows feature that prompted users for permission when programs attempted to make many kinds of system-setting changes, the last two versions of Windows are dramatically more secure. But only if users get standard and not admin privileges.

According to the Avecto study, Microsoft published 147 critical vulnerabilities in 2013, and all but 12 were thwarted by removing administrator privileges from the PC. That's not all. This one change would eliminate specifically 96 percent of Windows' critical vulnerabilities, 91 percent of critical vulnerabilities in Microsoft Office and every single critical issue in Internet Explorer.

Working as a standard user has a downside, of course: inconvenience. As a standard user, you can be confronted by frequent requests to enter the administrator password to perform seemingly routine tasks, like installing software and formatting media. It's a question of risk mitigation: is it worth the extra effort to so dramatically reduce the risk to your PC and your data?

Not sure what kind of user privileges you're currently running? To find out, open the Windows Control Panel and click Change Account Type under User Accounts and Family Safety (or find it by typing "account type" in the Control Panel's search box). You should see a list of all users and the type of user account they currently have.

To change an administrator to a standard user, click the entry for that account, and then click Change the Account Type. Choose Standard and click Change Account Type.

If you are the only user on the PC, you might need to create a new Admin account before you can downgrade your own account to a standard user -- your PC must have at least one administrator, even if it's an account you never use or log in with.

This report should also be a wake-up call for Windows XP users. You are highly vulnerable, and you have few ways to mitigate the risk without moving to a more modern operating system.


The comments sections of Newsplex.com are designed for thoughtful, intelligent conversation and debate. We want to hear from our viewers, but we only ask that you use your best judgment. E-mail is required, but will not be displayed with comment.

  • Comments cannot be profane or vulgar. We will not post comments that use profanity or cross the lines of good taste.
  • We will not post comments that use hate speech. Slurs, stereotypes and violent talk aren’t welcome on our website.
  • Comments should not attack other readers or people featured in our stories personally. Any accusations should be backed up with facts.
  • Any comment we post will be posted in its entirety. We do not edit any comment that we post.
     
  • Comments should contribute to the discussion. We will not post comments that don't advance the discussion. Flaming and/or trolling will not be tolerated.
     
  • Comments should not attack other posters. Let's keep the focus on the content of the story.

    As a host Newsplex.com welcomes a wide spectrum of opinions. However this is a site that we host. We have a responsibility to all our readers to try to keep our comment section fair and decent. For that reason The Newsplex reserves the right to not post or to remove any comment.

    If you have any ideas to improve the conversation or this section let us know. Send an e-mail to webmaster@newsplex.com.

 

powered by Disqus
The Charlottesville Newsplex 999 2nd Street S.E. Charlottesville, VA 22902 434.242.1919 – Main 434.220.7522 - Newsroom
Gray Television, Inc. - Copyright © 2002-2014 - Designed by Gray Digital Media - Powered by Clickability 247095641