"Some legitimate Web sites were maliciously modified to include the exploits," said Microsoft's Ziv Mador and Tareq Saade in a posting on Microsoft's Malware Protection Center Blog. They went on to note that, "a significant number of users have been affected."
With exploit code now publicly available, the threat will grow in the coming days and weeks. To mitigate the attack, Microsoft recommends that users be configured without administrator rights. Users whose accounts are configured to have fewer user rights on the system will have additional protections in place to prevent the installation of rootkits and key loggers, as well as other potential malicious activities.
"There is no longer any practical reason that an organization should configure its users to run with administrative rights," said John Moyer, CEO of BeyondTrust. "We have worked with hundreds of companies who were fed up with their exposure to malware and have responded by implementing the security best practice of Least Privilege in their Windows environments. By removing admin rights, these companies have experienced a drastic reduction in malware and greater protection from zero-day threats like the latest IE attack, which impacts the vast majority of IE users."
Microsoft's recommendation comes on the heels of a growing trend among organizations to remove administrator rights from users. By configuring users as standard users, malware can no longer leverage administrative privileges through various Microsoft security vulnerabilities to compromise corporate networks and data. One example of the trend in organizations to remove admin rights is the federal government's recent mandate prohibiting federal employees from logging into XP and Vista as administrators.
For more information, or to speak to BeyondTrust about how organizations can reduce their vulnerability to zero-day threats by configuring end-user PCs to run without administrative rights, please contact Dave Bowker or April Byron at 781-684-0770 or beyondtrust@schwartz-pr.com.
About BeyondTrust
BeyondTrust Corporation, a pioneer in Least Privilege Management, enables enterprises to move beyond the need to trust users with excess privileges or administrator passwords. BeyondTrust Privilege Manager was the first product to enable the security best practice of Least Privilege in Windows environments by allowing administrators to assign end-users permissions for required or selected applications. Least Privilege strengthens security by limiting users to the permissions they need to do their jobs. Hundreds of organizations worldwide in industries such as financial, healthcare, government and military rely on BeyondTrust Privilege Manager to secure their enterprises. For more information, visit www.beyondtrust.com.
SOURCE: BeyondTrust Corporation
No comments:
Post a Comment