
Latest Microsoft Windows Insider Build combats ransomware

by Mark Tyson on 30 June 2017, 12:31

Tags: Microsoft (NASDAQ:MSFT), Windows 10


Earlier this week we saw evidence of Microsoft working steadily to 'harden' Windows 10 against malware, hacking, and similar threats. The firm announced some important security technologies that are said to be powered by information gathered from the Microsoft Intelligent Security Graph (ISG), processed by AI / machine learning, and used by the Windows Defender Advanced Threat Protection suite. The result, said Microsoft, would be that your Windows 10 Fall Creators Update PC would be able to neutralise previously unknown (0-day) malware and hacking threats, as well as established viruses and malware.

Microsoft has published a new blog post about a new build of Windows 10 available to Windows Insiders in the fast ring, Build 16232. This build includes some of the security features talked about in Microsoft's earlier blog post which we reported upon, plus some other interesting security-based changes.

Windows Defender Application Guard is said to be an important improvement in security that you can test in the new build. Microsoft says that 90 per cent of typical attacks come via phishing. Cyber criminals will place dodgy links and/or attachments in emails that are often crafted to look like regular emails from banks or ecommerce sites, for example. The video above gives you an overview of Windows Defender Application Guard, which is adept at neutralising browser-based attacks.

Controlled Folder Access

Many news watchers will have noticed the increasing volume of ransomware attacks and coverage of these in the media. Typically, ransomware will seek out your personal folders and encrypt them, then pop up a dialogue asking for (Bitcoin) payment to decrypt these folders. The recent WannaCry havoc, first noticed at NHS offices, was based upon this kind of malware.

Controlled Folder Access aims to "protect valuable data from malicious apps and threats". In the latest Insider build of Windows 10 you head on over to the Windows Defender Security Centre, select the virus & threat protection settings section, and turn on this feature with a simple toggle button.

Like a firewall, Controlled Folder Access can be configured to allow various apps through to make changes to your protected folders. Microsoft adds trusted apps to the access list automatically, to save you time. Folders such as Documents, Pictures, Movies, and Desktop are all protected by default if you switch the option on. Other folders can be added to this list but those main folders can't be removed from it.

How does it work? Microsoft says that its software "monitors the changes that apps make to files in certain protected folders. If an app attempts to make a change to these files, and the app is blacklisted by the feature, you’ll get a notification about the attempt." Overall it sounds like a useful feature, alongside your backups, to help prevent data-loss disasters.
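The same protected-folder and allowed-app lists described above can be managed and audited from PowerShell. This is an added example, not taken from the article or from Microsoft's blog post; it assumes the Windows Defender cmdlets found in released Windows 10 versions that ship Controlled Folder Access, and the folder and application paths are hypothetical placeholders.

```powershell
# Added example: run from an elevated PowerShell prompt.
# Both paths are constructed placeholders, not values from the article.
$extraFolder = 'D:\Projects'                 # hypothetical extra folder to protect
$trustedApp  = 'C:\Tools\backup\backup.exe'  # hypothetical app allowed to write

# 1. Start in audit mode: writes are logged, not blocked, so you can see
#    which legitimate apps would be stopped before enforcing anything.
Set-MpPreference -EnableControlledFolderAccess AuditMode

# 2. Protect a folder in addition to the built-in defaults.
Add-MpPreference -ControlledFolderAccessProtectedFolders $extraFolder

# 3. Allow one specific executable through, by full path.
Add-MpPreference -ControlledFolderAccessAllowedApplications $trustedApp

# 4. Show the resulting configuration.
$pref = Get-MpPreference
[pscustomobject]@{
    Mode = switch ($pref.EnableControlledFolderAccess) {
        0 { 'Disabled' }
        1 { 'Enabled' }
        2 { 'AuditMode' }
        default { "Other ($_)" }
    }
    ExtraProtectedFolders = $pref.ControlledFolderAccessProtectedFolders -join '; '
    AllowedApplications   = $pref.ControlledFolderAccessAllowedApplications -join '; '
} | Format-List

# 5. Review the last 7 days of Controlled Folder Access events.
#    Event ID 1123 = write blocked, 1124 = write audited (audit mode).
$filter = @{
    LogName   = 'Microsoft-Windows-Windows Defender/Operational'
    Id        = 1123, 1124
    StartTime = (Get-Date).AddDays(-7)
}
Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Sort-Object TimeCreated |
    Select-Object TimeCreated, Id,
        @{ n = 'Action'; e = { if ($_.Id -eq 1123) { 'Blocked' } else { 'Audited' } } },
        Message

# 6. Once the audit log shows only expected apps, switch to enforcement:
#    Set-MpPreference -EnableControlledFolderAccess Enabled
```

Reviewing the audited events before enforcing shows which legitimate apps still need an allow entry, so the feature can stay on without a stream of blocked-write notifications.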



HEXUS Forums :: 9 Comments

Simple and clever, I approve.

I'm sure someone will complain it's more bloat though….
shaithis
Simple and clever, I approve.

I'm sure someone will complain it's more bloat though….

Nah, they'll complain that it's inconvenient and turn it off - the greatest threat to computer security is the user! How many people run their system with admin privileges because it's easier or they don't know otherwise?
Isn't this what UAC is supposed to do? Seems to me like yet another feature that, ultimately, everyone will switch off when they decide they've had enough of pressing ‘Allow’.
I hope this isn't just limited to Edge, or UWP apps, and they make it accessible to Win10 Home users.
peterb
Nah, they'll complain that it's inconvenient and turn it off - the greatest threat to computer security is the user! How many people run their system with admin privileges because it's easier or they don't know otherwise?

Exactly this, doesn't really matter how much they harden the OS, they can't take away the user, which 9 times out of 10 in my experience with malware is the issue.