1. Home
  2. Forums Index
  3. Deprecated / (deprecated) MS Win 7 OS 8:27 am Apr 19, 2026

Forum Moderators: open

Message Too Old, No Replies

90 percent of Windows 7 flaws fixed by removing admin rights

         

bill

11:40 am on Apr 1, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



90 percent of Windows 7 flaws fixed by removing admin rights [arstechnica.com]

After tabulating all the vulnerabilities published in Microsoft's 2009 Security Bulletins, it turns out 90 percent of the vulnerabilities can be mitigated by configuring users to operate without administrator rights, according to a report by BeyondTrust. As for the published Windows 7 vulnerabilities through March 2010, 57 percent are no longer applicable after removing administrator rights. By comparison, Windows 2000 is at 53 percent, Windows XP is at 62 percent, Windows Server 2003 is at 55 percent, Windows Vista is at 54 percent, and Windows Server 2008 is at 53 percent. The two biggest exploited Microsoft applications also fare well: 100 percent of Microsoft Office flaws and 94 percent of Internet Explorer flaws (and 100 percent of IE8 flaws) no longer work.

jecasc

12:00 pm on Apr 1, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Yeah right. Since by removing admin rights, most of my applications don't work properly anymore we can then all turn off our computers for the day close the office and go home.

On the bright side: That fixes 100% of Windows 7 flaws.

maximillianos

1:20 pm on Apr 1, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Flaws? I thought Win7 was finally the turning point for Microsoft?

This however does not surprise me. Maybe they should implement what Unbuntu Linux does. They prompt you for the admin's password when needed. Otherwise you are running as a non-admin.

J_RaD

1:41 pm on Apr 1, 2010 (gmt 0)




Yeah right. Since by removing admin rights, most of my applications don't work properly anymore we can then all turn off our computers for the day close the office and go home.


what? you never heard of a right click and "run as administrator" ? this isn't something new or ground breaking...they have been teaching admins not to login as the administrator since NT 4.0 days.

step 1. login as administrator
step 2. create a new user
step 3. get the heck out of the admin account.
step 4. (optional) disable admin account.


They prompt you for the admin's password when needed. Otherwise you are running as a non-admin.

that is what 7 does, but instead of asking for a password it prompts to run as admin.

Brett_Tabke

2:11 pm on Apr 1, 2010 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month Best Post Of The Month



> 90 percent of Windows 7 flaws fixed by removing admin rights

Thus making win 7, 100% useless. There is no way I could last an hour on my machine without admin rights.

Demaestro

3:10 pm on Apr 1, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



> this isn't something new or ground breaking...they have been teaching admins not to login as the administrator since NT 4.0 days.


And yet it is still a problem? You would think that this being an issue for so long that they would come up with a way that you can run as admin without every program that you interact with inheriting the same permissions.

Ridiculous, that it has been a known issue this long and still no real fix, even with how many new releases between NT and win7?

I am really starting to think that we need a class action suit against MS, where any moneys from a judgment would go into a fund that people could apply to receive money back to recoup from lost hardware, software, cost of removing viruses, cost to replace files.

J_RaD

6:21 pm on Apr 1, 2010 (gmt 0)



you wouldn't run linux as root, and you wouldn't run windows as admin.

what is the rub here?


Thus making win 7, 100% useless. There is no way I could last an hour on my machine without admin rights.


how so? are you running windows 7? I am, Im also running with the admin account disabled under a seprate account. You need to do something that requires admin privg you get a prompt... big whoop you can even disable the prompt. Its no different then running linux and having to enter the root password to do something.

Demaestro

6:52 pm on Apr 1, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



and you wouldn't run windows as admin.


So why be able to create users with the Admin role?

If all that is needed is an admin password to allow admin actions then why allow users to create an account with it? This goes double for Home editions which are mostly used in homes, and homes usually don't have a systems admin so what is the point of an admin account?

If this was newly discovered then I would be telling people that they need to be careful and not be angry, the fact that this has been ongoing since around 2000 and still isn't addressed is what has rubbed me wrong.

J_RaD

10:26 pm on Apr 1, 2010 (gmt 0)



and homes usually don't have a systems admin so what is the point of an admin account


um..... what does having a sys admin have to do with the "administrator" account on a computer?


If all that is needed is an admin password to allow admin actions

again...how is any of this different then linux/unix and the root account?

why is this a confusing concept to you?

Brett_Tabke

12:00 am on Apr 2, 2010 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month Best Post Of The Month



> how so? are you running windows 7?

startup:
- verizon pc monitor won't run with out admin rights.
- running apache from command line needs admin rights (not running as a service)
- win 7 barks about alot of programs that I have to manually click 'ok' to run even as admin. (how can I turn that off)?

Even running as admin 100% there are still alot of things that have trouble. Our main prob with win 7 is network shares between vista xp and win 7. We have two boxes we simply can share the root of. So we have to install vnc's and such to get them to share. I am sure if I would have set all those machines up as admin, there wouldn't be this issue.

J_RaD

1:00 am on Apr 2, 2010 (gmt 0)




- win 7 barks about alot of programs that I have to manually click 'ok' to run even as admin. (how can I turn that off)?



head to control panel, then users, then adjust user account control. that should take care of that.

running apache from command line needs admin rights (not running as a service)


right click on your cmd and pick run as admin, you can also make a short cut that does this automaticly.

the networking stuff.. win7 homegroup works fantasticly. that is if you are all running windows 7.
what exactly do you mean share the root? do you mean just the root of the drive or what? I can figure it out in the morning.

Brett_Tabke

4:45 pm on May 14, 2010 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month Best Post Of The Month



> user account control.

that is everyones first 10 clicks on a new machine isn'st it?

> you can also make a short cut that does this automatically.

Seems to only work on somethings. What am I missing? (tried and tried). I can not start apache without a prompt coming up.

> what exactly do you mean share the root?

ya, root of system drive. c:\

J_RaD

5:40 pm on Jun 2, 2010 (gmt 0)



In the Advanced Properties, check "Run as administrator," and click Ok: Anytime you launch the shortcut, you will have administrator privileges

now everytime you run apache it will have the proper privilages.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Deprecated / (deprecated) MS Win 7 OS 8:27 am Apr 19, 2026