To be successful, malware and other security exploits frequently leverage the powers of highly privileged Windows user accounts. It's not entirely a shock, then, that a new report reveals that 86 percent of all Windows security threats patched in 2015 would have been stopped or rendered toothless if they had attacked users who were using limited, rather than administrator, accounts, and hence lacked the power to install, modify or delete software.
The 2015 Microsoft Vulnerabilities Study by Manchester, England-based enterprise-security provider Avecto, released Tuesday (Feb. 2), showed that 85 percent of remote-code-execution bugs (some of the most dangerous flaws) detailed in Microsoft's monthly Patch Tuesday reports would be nullified if the Windows active user did not have administrative rights. (The same company reached similar conclusions two years ago.)
Microsoft Office and Windows 10 would also be much safer, as 82 percent of the security flaws would be blocked. Users with limited, a.k.a. "regular" accounts would have been protected from a whopping 99.5 percent of Internet Explorer vulnerabilities on all platforms, and 100 percent of Microsoft Edge security flaws in Windows 10.
We advise all Windows users to operate their PCs primarily from regular/limited accounts, and to sign into administrative accounts only when they need to install, remove or update software. The default account that ships on most Windows computers is an admin account, so you'll need to create additional, regular accounts. OS X and Linux users would also be wise to use non-administrative accounts for their daily activity, but fewer exploits exist overall on those platforms.
Here are step-by-step instructions for how to set up a limited-privilege user account in Windows 10.
How to Create Limited-Privilege User Accounts in Windows 10
1. Tap the Windows icon.
2. Select Settings.
3. Tap Accounts.
4. Select Family & other users.
5. Tap "Add someone else to this PC."
6. Select "I don't have this person's sign-in information."
7. Select "Add a user without a Microsoft account."
8. Enter a username, type the account's password twice, enter a clue and select Next.
9. Tap the Windows icon.
10. Select the User icon at the upper left corner of the Start menu.
11. Select the new user. You'll then sign into your account with your password from step 8.
You're now using a non-Administrator account!