windows
windows
A below-the-radar security feature in the Windows 10 Fall Creators Update, aka version 1709 released last week, can stop ransomware and other file-scrambling nasties dead.
The controlled folder access mechanism within Windows Defender prevents suspicious applications from changing the contents of selected protected folders.
Though controlled folder access has been known about for months – it surfaced with Insider builds earlier this summer – the feature is only now being thrust into the spotlight with the general public release of the Fall Creators Update for Windows 10.
The feature can be enabled through the Windows Defender Security Center App for most users, and is accessed by opening the virus & threat protection screen within Defender. From there, users switch on the controlled folder access option to activate controlled folders.
For enterprise users and administrators, controlled folder access can also be activated through PowerShell, Group Policy, and MDM configurations.
Once the feature has been activated, essential directories like the user's documents folder are locked off from any malicious applications that seek to encrypt files to hold them to ransom, or scramble them to destroy them. Users can also designate additional folders to be protected from unauthorized changes.
The idea is to safeguard data from any ransomware infections that manage to give your third-party antivirus, if present, the slip.
"This feature protects your files from tampering, in real-time, by locking folders so that ransomware and other unauthorized apps can’t access them. It’s like putting your crown jewels in a safe whose key only you hold," explained Microsoft today.
"Cybercriminals can’t extort money if they can’t encrypt your files. Controlled folder access is a powerful tool that can render ransomware attacks worthless."
Intent is all well and good, but how does the new Windows 10 security feature perform in the wild? According to researchers, the initial results have been encouraging. The mechanism was able to stop the Lockyransomware.
A below-the-radar security feature in the Windows 10 Fall Creators Update, aka version 1709 released last week, can stop ransomware and other file-scrambling nasties dead.
The controlled folder access mechanism within Windows Defender prevents suspicious applications from changing the contents of selected protected folders.
Though controlled folder access has been known about for months – it surfaced with Insider builds earlier this summer – the feature is only now being thrust into the spotlight with the general public release of the Fall Creators Update for Windows 10.
The feature can be enabled through the Windows Defender Security Center App for most users, and is accessed by opening the virus & threat protection screen within Defender. From there, users switch on the controlled folder access option to activate controlled folders.
For enterprise users and administrators, controlled folder access can also be activated through PowerShell, Group Policy, and MDM configurations.
Once the feature has been activated, essential directories like the user's documents folder are locked off from any malicious applications that seek to encrypt files to hold them to ransom, or scramble them to destroy them. Users can also designate additional folders to be protected from unauthorized changes.
The idea is to safeguard data from any ransomware infections that manage to give your third-party antivirus, if present, the slip.
"This feature protects your files from tampering, in real-time, by locking folders so that ransomware and other unauthorized apps can’t access them. It’s like putting your crown jewels in a safe whose key only you hold," explained Microsoft today.
"Cybercriminals can’t extort money if they can’t encrypt your files. Controlled folder access is a powerful tool that can render ransomware attacks worthless."
Intent is all well and good, but how does the new Windows 10 security feature perform in the wild? According to researchers, the initial results have been encouraging. The mechanism was able to stop the Lockyransomware.
No comments