MICROSOFT VULNERABILITIES REPORT 2019 - BeyondTrust
MICROSOFTVULNERABILITIESREPORT 2019An Analysis of Microsoft SecurityUpdates in 2018
Microsoft Vulnerabilities Report 2019EXECUTIVE SUMMARY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1DATA HIGHLIGHTS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2VULNERABILITY CATEGORIES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3TABLE OF CONTENTSVULNERABILITIES BY PRODUCTWINDOWS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4INTERNET EXPLORER & EDGE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5OFFICE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6WINDOWS SERVERS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7SECURITY IMPACT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8MITIGIATION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9EXPERT COMMENTARYKIP BOYLE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 0DEREK A. SMITH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1DR. JESSICA BARKER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2ABOUT THE REPORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 4
EXECUTIVE SUMMARYIntroductionMicrosoft Vulnerabilities Report 2019The Microsoft VulnerabilitiesReport 2019 analyzes the datafrom security bulletins issued byMicrosoft throughout 2018. On thesecond Tuesday of every month,commonly referred to as “PatchTuesday,” Microsoft releases fixesfor any vulnerabilities affectingMicrosoft products. This reportcompiles these releases into ayear-long overview, providing amore holistic view of whethervulnerabilities are increasing, andhow many Microsoft vulnerabilitiescould be mitigated if adminrights were secured acrossorganizations.As the 2019 MicrosoftVulnerabilities report is the sixthannual edition, it includes a trendcomparison based on several yearsof data. This analysis providesa better understanding of howvulnerabilities are growing, andin which specific products.And while there are 46 less CriticalVulnerabilities than in last year’sreport, the findings indicate thatthe removal of admin rights wouldmitigate a higher percentage ofCritical Vulnerabilities this year.Microsoft vulnerabilities continuedto rise in 2018, with a total of 700vulnerabilities discovered.VULNERABILITIES DISCOVERED“1Of the 189 Critical Vulnerabilitiesdiscovered, 154 (81%) could havebeen prevented if administratorrights had been secured.Least privileged access continues to be the way forward - weknow with certainty that the removal of admin rights is one of theleading mitigating factors in keeping our networks and systemssafe in the face of accelerating vulnerability disclosures.”— Kenneth Holley, Founder & CEO at Information Systems Integration
Microsoft Vulnerabilities Report 2019Overall number of reportedvulnerabilities over 6 years.(2013-2018)2PREVENTABLEINCREASEDATA HIGHLIGHTSCritical vulnerabilitiesreported by Microsoftover 6 years. (2013-2018)Of the 189 critical vulnerabilities discovered, 154could have been prevented if administrator rightshad been removed.INCREASEPercentage of critical vulnerabilities in InternetExplorer, Microsoft Office, Windows 7, 8.1, and10, and Windows servers that would have beenmitigated by removing admin VENTABLE
How Microsoft Groups VulnerabilitiesMicrosoft Vulnerabilities Report 2019VULNERABILITY CATEGORIESEach Microsoft Security Bulletin is comprised of one or more vulnerabilities, applying to one or more Microsoft products.Similar to previous reports, Remote Code Execution (RCE) accounts for the largest proportion of total Microsoft vulnerabilities throughout 2018.Of the 292 RCE vulnerabilities, 178 were considered Critical. The removal of admin rights from Windows endpoints would have mitigated 86% ofthese Critical vulnerabilities. Over six years, RCE vulnerabilities are notably higher than they were in 2013, experiencing a 54% rise.Breakdown ofMicrosoft VulnerabilityCategories in 2018300Total number of vulnerabilities250Total number of criticalvulnerabilities200150100500Remote CodeExecutionInformationDisclosureElevation ofPrivilegeDenial ofServiceSecurity FeatureBypass201320142015201620172018Remote Code Execution190257303269301292Elevation of Privilege993910811490145Security Feature Bypass41635264153Tampering111018Information Disclosure201756102193153Denial of ngVulnerabilityCategories(2013-2018)3
Windows VulnerabilitiesMicrosoft Vulnerabilities Report 2019In 2018, 499 vulnerabilities were reportedacross Windows Vista, Windows 7, WindowsRT, Windows 8/8.1, and Windows 10 operatingsystems. Windows 10 was touted as the“most secure Windows OS” to date when itwas released, yet Microsoft has still reportedvulnerabilities. While the overall numberdecreased from the prior year, the six yeartrend (2013-2018) shows almost twice thenumber reported over that time frame.Of all the Windows vulnerabilities discoveredin 2018, 169 of these were MITIGATED BY REMOVINGADMIN RIGHTSINCREASE IN VULNERABILITIESSINCE 2013CRITICAL VULNERABILITIESDISCOVEREDPRODUCT VIEWRemoving admin rights could have mitigated85% of these critical vulnerabilities.Microsoft WindowsVulnerabilities(2013-2018)600Total number of vulnerabilities500Total number of 16201720184
Internet Explorer & Edge Browser VulnerabilitiesPRODUCT VIEWMicrosoft Internet Explorer remains awidely used browser, but since January 2016Microsoft only supports and patches themost current version of Internet Exploreravailable for a supported operating system.Microsoft Internet Explorer (IE) 10 will reachend of support on January 31, 2020. From thatpoint forward, IE 11 will be the only supportedversion of Internet Explorer on WindowsServer 2012 and Windows Embedded 8Standard.Microsoft Vulnerabilities Report 2019VULNERABILITIESDISCOVEREDMITIGATED BY REMOVINGADMIN RIGHTSINCREASE IN VULNERABILITIESSINCE 2013CRITICAL VULNERABILITIESDISCOVERED5Critical vulnerabilities in Microsoft Edge haveincreased six-fold since its inception twoyears ago. In the near future, Edge will have aChromium based engine, meaning that bothGoogle Chrome and Edge could have thesame flaws at the same time, leaving no “safe”mainstream browser to use as a mitigationstrategy to Edge vulnerabilities.*250Microsoft InternetExplorer & EdgeVulnerabilities(2013-2018)Total number of vulnerabilitiesTotal number of 620172018*Microsoft Edge was released in 2017, so only 2 years of historical data are available.
Office VulnerabilitiesMicrosoft Vulnerabilities Report 2019PRODUCT VIEWVulnerabilities in Microsoft Office continue torise year over year, and they hit a record highof 102 in 2018. Removing admin rights wouldmitigate 100% of critical vulnerabilities in allMicrosoft Office products in 2018 (Excel, Word,PowerPoint, Visio, Publisher and others).Microsoft COVEREDMITIGATED BY REMOVINGADMIN RIGHTSINCREASE IN VULNERABILITIESSINCE 2013CRITICAL VULNERABILITIESDISCOVERED120Total number of vulnerabilities100Total number of 1720186
Windows Server VulnerabilitiesPRODUCT VIEWA total of 449 vulnerabilities were reportedin Microsoft Security Bulletins affectingMicrosoft Windows Server in 2018. Of the 136vulnerabilities with a critical rating, 83% couldbe mitigated by the removal of admin rights.In 2013, 252 vulnerabilities in MicrosoftWindows Server were found - the number ofvulnerabilities has almost doubled over thelast six years.Windows ServersVulnerabilities(2013-2018)Microsoft Vulnerabilities Report 2019VULNERABILITIESDISCOVEREDMITIGATED BY REMOVINGADMIN RIGHTSINCREASE IN VULNERABILITIESSINCE 2013CRITICAL VULNERABILITIESDISCOVERED600Total number of vulnerabilities500Total number of 16201720187
Microsoft Critical Vulnerabilities Continue ToImpact OrganizationsMicrosoft Vulnerabilities Report 2019Critical vulnerabilities continue to introduce risk and create significantconcern for organizations committed to protecting their networksfrom data breaches. The analysis in this report indicates that the vastmajority of these vulnerabilities can be mitigated by the removal oflocal administrator rights. On average, over the last six years, 87% ofall critical vulnerabilities published by Microsoft could have beenmitigated by removing admin rights.8OF ALL CRITICALVULNERABILITIESCOULD HAVE BEENMITIGATED BYREMOVING ADMINRIGHTS300SECURITY IMPACT250Summary of CriticalVulnerabilities(2013-2018)Number of critical vulnerabilitiesNumber of critical vulnerabilitiesmitigated by admin rights removal200150100500“201320142015201620172018This report highlights the issues with misconfiguration of users it would seem that criminal hackers are gaining the upper hand. But,when we look at the context of these vulnerabilities, we can be moremeasured - and in fact more optimistic - in our response.”— Jessica Barker, CEO of Cygenta
Get Serious about Applying Least Privilege PrinciplesMicrosoft Vulnerabilities Report 20199While eliminating admin rights can greatly improve security around Microsoft products and reduce the risks from their vulnerabilities,many IT leaders are concerned with how to balance access restrictions with maintaining a positive user experience.Least privilege is the concept and practice of restricting access rights for users, accounts, and computing processes to only those resourcesabsolutely required to perform routine, legitimate activities. Privilege itself refers to the authorization to bypass certain security restraints. Applied topeople, least privilege, sometimes called the principle of least privilege (POLP), means enforcing the minimal level of user rights, or lowest clearancelevel, that allows the user to perform his/her role. However, least privilege also applies to processes, applications, systems, and devices (such as IoT),in that each should have only those permissions required to perform an authorized activity.The tension between security and productivity is often the barrier that prevents organizations from removing local admin rights from all users.To address this challenge, modern endpoint privilege management solutions can be deployed to dynamically exert granular control over accessto applications, tasks and scripts in a way that makes this balance seamless and the security invisible to the end user. These solutions elevateaccess as needed for applications — without elevating the user’s actual privileges — to ensure that users are productive and protected.MITIGATIONAdditionally, a vulnerability management solution closes any final gaps for the “worst of the worst” vulnerabilities, that can only mitigatedby patch management.“Prevention techniques like application whitelisting, removingadministrative access, and adopting the principles of least privilegego a long way toward protecting individual users’ machines andreducing inroads to the network, while not severely restrictinguser functionality.”— Dr. Eric Cole, Founder & CEO of Secure Anchor Consulting
Microsoft Vulnerabilities Report 2019“The 2017 NotPetya attack (which causedat least 10 billion in world-wide damages)provides an excellent demonstration of howvulnerabilities in commonly used softwarehave been weaponized. Because ransomwareand disk wipers work so well, and becauseof static cybersecurity defences and digitalweapons proliferation, we can expect to seemore critical patches will be issued in thefuture.“If routinely installingcritical patches is thedigital equivalent ofwashing your hands afterusing the toilet, then wecollectively have terriblecyber hygiene.warnings or prompts. These practices canapply to any company concerned aboutpreventing data breaches as the ASDhas many similarities with the mandatesfor GDPR, NIST, and PCI.The four, in order, are: Applicationwhitelisting; Patch applications; Restrictadministrative privileges; and Patch operatingsystems. ASD says properly implementingthe Top 4 will mitigate over 85% of thecollective adversary’s targeted maliciouscode techniques.Did you know the patch to neutralizeNotPetya had been released by Microsoft90 days prior? If routinely installing criticalpatches is the digital equivalent of washingyour hands after using the toilet, then wecollectively have terrible cyber hygiene.The best way I know to improve your digitalhand washing is to adopt the “Top 4” from theAustralian Signals Directorate(ASD). These four mitigations have beenselected and prioritized specificallyto counter the delivery and executionof malicious code, including thosevulnerabilities that can be exploited without10Here’s an example: In a prior CISO role, myteam removed local admin rights for ourentire company of about 1,000 desktop andlaptop computers. Lots of people told us itcouldn’t be done. But, in the end our peoplewere even more productive without localadmin rights.”“EXPERT COMMENTARYCISO ViewpointKIP BOYLECEO, Cyber cyberriskopportunities.comfiredoesntinnovate.com
Academic ViewpointEXPERT COMMENTARYThis increase can be attributed to the factthatno matter how much attention is givento new advances in technology, the amountof attention given to who can access whatdata is often lacking. An organization’s criticalassets face threats that extend beyond therealm of technology. Its processes andemployees can expose sensitive data in waysthat cannot be mitigated with technicalcontrols alone.While organizations take actions to controlaccess to its highly sensitive informationwith strict access controls, other types ofdata are often left “wide open.” This meansthat anyone who uses seemingly legitimatecredentials to access the network can accessmost of the organization’s data.I have emphasized many times that if youwant to reduce organizational securityrisks, you must control access, especiallyto privileged accounts. The simple fact isthat if you’re going to prevent bad actorsfrom getting in and insiders from abusingaccess privileges, you must have expertmanagement of your privileged accounts.While there is no silver bullet for achievingfull-proof cybersecurity, organizationscan dramatically reduce the impact of anattack by prioritizing privileged access.Organizations must choose the right access“While there is nosilver bullet for achievingfull-proof cybersecurity,organizations candramatically reduce theimpact of an attack byprioritizing privilegedaccess.““The data does not lie! It has been clearlydemonstrated that despite the manyadvances in cybersecurity techniques andtechnology the number of vulnerabilitiescontinues to drastically increase year afteryear - with no end in sight.Microsoft Vulnerabilities Report 2019control model based on the types ofdata they process, how sensitive that data is,and operational requirements. With a goodprivilege access management model andprocesses, these organizations can enforce11least privilege policies. This will empowerthem to reduce the threat of security attacks& data breaches.Privileged access management acts as asecure repository, or vault, that protects anorganization’s data and networks. By adoptingprivileged user management, an organizationcan ensure that users only access thedata required to do their job. IT teams willbe able to establish parameters that willprevent users from accessing systems andinformation that they should not.As a university professor, I tell my studentsthat security is really very simple. Controlaccess to control the threat! If bad guyscannot get into an environment in the firstplace, they can do no harm.”PROFESSORDEREK A. SMITHSpeaker, Author & UniversityProfessor, President of theIntercessor’s Investigative &Training ok.com/derekasmith53theintercessorgroup.com
“It is often easy to be pessimistic whenseeing that the number of vulnerabilitiesfound per year has grown at an alarming rate.With a 110% rise in the last six years, it wouldseem that criminal hackers are gaining theupper hand. But, when we look at the contextof these vulnerabilities, we can be moremeasured - and in fact more optimistic - inour response. More vulnerabilities are beingdiscovered partly because more and moresoftware is being developed every year. Butmore vulnerabilities are also being discoveredbecause we as an industry are gettingsmarter and better and faster at finding anddisclosing them, with more people than everare looking for vulnerabilities comparedto six years ago. We have also seen moreorganizations hiring penetration testers andsetting up bug bounty programs.If we look at the history of vulnerabilities wesee that the same classes of vulnerabilitieshave constantly appeared at the top of theOWASP (Open Web Application SecurityProject) Top 10 and it is shocking that certainclasses, such as SQL Injection and XSS, arestill such a big problem today. This reporthighlights the issues with misconfigurationof user privileges and it would be easy todemand that systems administrators do notoffer administrative rights to all users andto argue that they are lax when applyingpatches to systems. But it is easy to pick faultwith people when, in fact, surrounding factorsare sometimes pushing people to behave incertain ways.Microsoft Vulnerabilities Report 2019“The MicrosoftVulnerabilities Report2019 supports theimportance of leastprivilege models, provingthat reducing thenumber of admin usersis a necessary step inthe foundation of yoursecurity strategy.“EXPERT COMMENTARYCEO Viewpoint12The Microsoft Vulnerabilities Report 2019supports the importance of least privilegemodels, proving that reducing the numberof admin users is a necessary step inthe foundation of your security strategy.Reviewing and verifying access lists is animportant, and often overlooked, part of thatprocess. Likewise, whitelisting applicationsis an effective mitigation, but people andprocesses need to be in place to managewhitelisting to prevent it from becomingperceived as a business-blocker.”DR. JESSICA BARKERCo-CEO of Cygenta &Chair of ClubCISO@drjessicabarker@CygentaHQcygenta.co.uk
“During the security assessments we haveconducted in the past few years, we’venoticed that one of the most common issuesobserved is the extensive usage of privilegedaccounts by users who do not need them fordaily work. Sometimes, this practice makesusers’ work easier, but as the MicrosoftVulnerabilities Report demonstrates, it alsoopens many dangerous attack vectors and isone of the main reasons why ransomware hasbeen spreading so successfully.The running of malicious code by a userwith administrative privileges may allowthe attacker to perform a lot of differentactivities; for example, it allows to accessthe memory of system processes like LSASSto extract users’ credentials, includingpassword hashes and other sensitive data.Once hashes are obtained, the attackermay use them to perform Pass-The-Hashattacks to gain access to other machinesin the network. Another scenario toconsider is whether privileged users maybe able to turn off endpoint protectionmechanisms like antivirus solutions or hidemalicious activities, which prolong the timeof discovering them. Privileged AccessManagement solutions that include securing,managing, and controlling endpoints andpasswords reduce these types of risks.A successful cyber attack may result in anextensive financial loss for the companyand disclosure of confidential informationand know-how. The attack may also causedisruption of services provided by thecompany, like online services, productionlines or by leading to physical damageMicrosoft Vulnerabilities Report 2019of devices. That’s why it’s also advisableto perform penetration tests as they areone of the most efficient ways to identifytechnical vulnerabilities in the company’s ITinfrastructure before the attack occurs.The main goal of each test is to find asmany vulnerabilities as possible that couldmake the work of a potential hacker mucheasier and put the organization at immenserisk. After a penetration test is performedby companies specializing in security,like CQURE, a report is prepared with adetailed description of all findings withrecommendations on resolving them, makingit much easier for the customer to implementcrucial mitigations.13“During the securityassessments we haveconducted in the pastfew years, we’ve noticedthat one of the mostcommon issues observedis the extensive usage ofprivileged accounts byusers who do not needthem for daily work.“EXPERT COMMENTARYService Provider ViewpointPAULAJANUSZKIEWICZCybersecurity Expert & CEOof cqureacademy.com
Microsoft Vulnerabilities Report 2019The BeyondTrust Analysis- MethodologyABOUT THIS REPORTEach bulletin issued by Microsoft contains anExecutive Summary with general information.For this report, a vulnerability is classifiedas one that could be mitigated by removingadmin rights if it meets the following criteriaare stated by Microsoft in vulnerabilitybulletin: Customers/users whose accounts areconfigured to have fewer user rights on thesystem could be less impacted than userswho operate with administrative user rights If the current user is logged on withadministrative user rights, an attacker couldtake control of an affected systemHow Microsoft ClassifiesVulnerabilitiesEach vulnerability can apply to one or moreMicrosoft product. This is shown as a matrixon each vulnerability page.Each vulnerability is assigned a type from oneof seven categories; Remote Code Execution,Elevation of Privilege, Information Disclosure,Denial of Service, Security Feature Bypass,Spoofing, Tampering– which occasionally varydepending on the individual piece software orcombination of software affected.A vulnerability of each type often appliesto a combination of different versions ofa product or products, and sometimesall versions – e.g. all versions of Windowsclients. Often, a vulnerability will only applyto a combination of products – e.g. InternetExplorer 11 on Windows 7.Each vulnerability is also assigned anaggregate severity rating by Microsoft –Critical, Important, Moderate – which alsovaries depending on each individual pieceof software, or combination of softwareaffected. The Common Vulnerability ScoringSystem (CVSS is a published standard usedby organizations worldwide and provides away to capture the principal characteristics ofa vulnerability and produce a numerical scorereflecting its severity. The numerical scorecan then be translated into a qualitativerepresentation (such as low, medium, high,and critical) to help organizations properlyassess and prioritize their vulnerabilitymanagement processes.Certain vulnerabilities have occurred multipletimes throughout 2018, usually affectingdifferent software. In these cases, thevulnerability itself is only counted once, withall affected software types attributed to thatone entry.14Accuracy of VulnerabilityDataA number of generalizations have been madefor each vulnerability as follows: Each vulnerability was classified with thehighest severity rating of all instances ofthat vulnerability where it appeared multipletimes Each vulnerability was classified with themost prevalent type for all instances of thatvulnerability Product versions were not taken intoaccount Product combinations were not taken intoaccount Vulnerabilities were counted for both thesoftware and version where appropriate (forexample, a vulnerability for Internet Explorer11 on Windows 10 is taken as a vulnerabilityfor both Internet Explorer 11 and Windows10)
About BeyondTrustBeyondTrust is the worldwide leader in Privileged Access Management, offering the most seamless approach to preventing data breaches relatedto stolen credentials, misused privileges, and compromised remote access. Our extensible platform empowers organizations to easily scaleprivilege security as threats evolve across endpoint, server, cloud, DevOps, and network device environments. BeyondTrust gives organizationsthe visibility and control they need to reduce risk, achieve compliance objectives, and boost operational performance. We are trusted by 20,000customers, including half of the Fortune 100, and a global partner network.About Endpoint Privilege ManagementBeyondTrust’s Endpoint Privilege Management solutions give you the power to enforce least privilege and eliminate local admin rights.Remove excessive end user privileges and control applications on Windows, Mac, Unix, Linux, and network devices - all withouthindering end-user productivity.About Vulnerability ManagementBeyondTrust’s Vulnerability Management solutions reduce risk with cross-platform vulnerability assessment and remediation, including built-inconfiguration compliance, patch management and compliance reporting.beyondtrust.com
Each Microsoft Security Bulletin is comprised of one or more vulnerabilities, applying to one or more Microsoft products. Similar to previous reports, Remote Code Execution (RCE) accounts for the largest proportion of total Microsoft vulnerabilities throughout 2018. Of the 292 RCE vulnerabilities, 178 were considered Critical.
The Microsoft Dynamics 365 integration with BeyondTrust Remote Support provides the following functionality: l. A BeyondTrust session key can be generated from within a Microsoft Dynamics 365 case. l. When the BeyondTrust session ends, session data can be pushed into the case and viewed from within the case.
Computers in a Network. With BeyondTrust Jump Technology, a user can access and control remote, unattended computers in any network. Jump Technology is integral to the BeyondTrust software offerings. Because BeyondTrust Remote Support is licensed per active representative and not per
BEYONDTRUST VS MICROSOFT SYSTEMS CENTER CONFIGURATION MANAGER (SCCM) ByTrus Moso( SCCM BEYONDTRUST REMOTE SUPPORT Our award-winning Remote Support solution is used by thousands of customers, making it the number one solution for leading enterprises looking to securely access and support
on a first come, first serve basis. eLearning course registration is available after purchase. Expiration Policy All eLearning and public shared training courses expire after one year. The private courses expire after six months. About BeyondTrust BeyondTrust is the worldwide leader in Privileged Access Management (PAM), empowering organizations
The TOE is PowerBroker UNIX Linux Edition V9.1, provided by BeyondTrust Software, Inc. BeyondTrust PowerBroker is a security management product that provides the capability to delegate access to operating system functions available to specific privileged accounts (e.g., 'root') and offer those functions in a controlled and granular .
BeyondTrust mobile SDKs support Android 4.0 and iOS 8.2 . Once you have embedded the BeyondTrust SDK into your app, your app can integrate with the BeyondTrust Appliance B Series, allowing you to support your app in-depth. Your application can leverage each of these features through the APIs offered by the SDK. In-App Session Start
o Microsoft Outlook 2000 o Microsoft Outlook 2002 o Microsoft Outlook 2003 o Microsoft Outlook 2007 o Microsoft Outlook 2010 o Microsoft Outlook 2013 o Microsoft Outlook 98 o Microsoft PowerPoint 2000 o Microsoft PowerPoint 2002 – Normal User o Microsoft PowerPoint 2002 – Power User o Microsoft PowerPoint 2002 – Whole Test
planning a business event D1 evaluate the management of a business event making recommendations for future improvements P2 explain the role of an event organiser [IE] P3 prepare a plan for a business event [TW] P4 arrange and organise a venue for a business event, ensuring health and safety requirements are met [SM, EP] M2 analyse the arrangements
