Microsoft published 147 vulnerabilities in 2013 that were rated as Critical. Critical, however, is a relative term, and there is one simple thing anyone can do that would guard against almost every single Critical vulnerability according to a new report from Avecto: remove admin rights.
“If malware infects a user with admin rights, it can cause incredible damage locally, as well as on a wider network. Additionally, employees with admin rights have access to install, modify and delete software and files as well as change system settings.”
Simply by working on your PC as a “Standard” user, rather than as an “Administrator”, you are protecting yourself from malware infection. Of course, if you need to do something that requires elevated permission (like installing a program, or changing a system setting), you can enter your admin password to do so.
Oftentimes, people create their initial PC user account with the default “Administrator” settings, and then continue to use that account. A better way to do this is to create a separate account, call it “Admin”, and assign administrator settings to it. Then change your original user account to “Standard” settings.