Privileges and Sandboxie

RECENT STUDY FROM BEYONDTRUST FOUND THAT 64% OF WINDOWS VULNERABILITIES LAST YEAR COULD HAVE BEEN PREVENTED BY USING LEAST PRIVILEGES.

Recent study from BeyondTrust found that 64% of Windows vulnerabilities last year could have been prevented by using least privileges. Most operating systems, including Windows, have different accounts with different levels of privileges. For example, Windows XP and 7 come by default with "Standard" and "Administrator". Admin is simpler to use as it gives the end user far greater power, including the ability to configure the system and install applications. However, these privileges have greater risk as a large percentage of exploits and malware require Administrator rights to modify the operating system or install malware. In contrast, "Standard" privileges protect the system as this role cannot install applications and has very limited abilities to make any system modifications. As a result if a user is logged in with a "Standard" account most exploits will fail as they do not have enough privileges to infect the computer. Another option is Sandboxie (www.sandboxie.com) a free tool that allows you to run the most commonly attacked programs (such as browsers or email clients) in a sandbox environment. Even if exploited, the operating system is protected as exploits should not be able to escape from the sandbox environment.

Tip: Your organization should consider a policy of least privileges for user accounts on their Windows computer.

Reference: http://ethreemail.com/e3ds/mail_link.php?u=http%3A%2F%2Fblogs.zdnet.com%2Fsecurity%2F%3Fp%3D5964&i=0&d=4Z1650Y7-184W-4W61-Z907-35Z3UWW9646W&e=