Posted on 10/23/2017 6:48:46 PM PDT by markomalley
A below-the-radar security feature in the Windows 10 Fall Creators Update, aka version 1709 released last week, can stop ransomware and other file-scrambling nasties dead.
The controlled folder access mechanism within Windows Defender prevents suspicious applications from changing the contents of selected protected folders.
Though controlled folder access has been known about for months it surfaced with Insider builds earlier this summer the feature is only now being thrust into the spotlight with the general public release of the Fall Creators Update for Windows 10.
The feature can be enabled through the Windows Defender Security Center App for most users, and is accessed by opening the virus & threat protection screen within Defender. From there, users switch on the controlled folder access option to activate controlled folders.
For enterprise users and administrators, controlled folder access can also be activated through PowerShell, Group Policy, and MDM configurations.
Once the feature has been activated, essential directories like the user's documents folder are locked off from any malicious applications that seek to encrypt files to hold them to ransom, or scramble them to destroy them. Users can also designate additional folders to be protected from unauthorized changes.
The idea is to safeguard data from any ransomware infections that manage to give your third-party antivirus, if present, the slip.
"This feature protects your files from tampering, in real-time, by locking folders so that ransomware and other unauthorized apps cant access them. Its like putting your crown jewels in a safe whose key only you hold," explained Microsoft today.
"Cybercriminals cant extort money if they cant encrypt your files. Controlled folder access is a powerful tool that can render ransomware attacks worthless."
Intent is all well and good, but how does the new Windows 10 security feature perform in the wild? According to researchers, the initial results have been encouraging. The mechanism was able to stop the Locky ransomware.
It goes without saying, those who can activate the controlled folder access on their Windows machines should definitely do so.
Microsoft has inked a deal with Cray to allow folks to run one of the latter's supercomputers inside an Azure data center.
The idea, as reported by our sister site The Next Platform, is to allow organizations to deploy high-performance applications on Cray iron right next to code and data in cloud services on Azure. ®
Save for later
I can’t activate it because Windows is busy installing updates. </snark>
Unfortunately, Windows is a massive malware with an OS.
later
Linux Mint is what I settled on too. I tried other distros but found I liked the look and stability of Mint best for what I use it for.
Thanks for the info on Win 10 though. I emailed it out to friends and family.
I run Win 10 enterprise. I’m going to look into this.
Thanks
Agreed. Nice and simple OS and can be made as powerful as you'd like.
Have you ever looked at Sophos AV? Completely runs in the background, to include definition updates. And it's free for home use. (Note that by default it runs command line, but you can enable a GUI if you so choose)
Thanks.
Assumes Build 1709 on your machine.
I don’t have that yet.
CA....
4Ltr
Ping
later
PFL
Thanks
Thank you.
BKMK
To prepare for this and other advanced defenses you should enable Secure Boot and the TPM chip (if you have one) in the UEFI BIOS settings.
They are prereqs for a lot of these new security features.
It appears you have to use Microsoft’s Windows Defender in order to get protected folders. Correct me if i’m wrong.
I have a Win 10 computer I will do this on
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.