facebook rss twitter

Microsoft details its latest ransomware blocking feature

by Mark Tyson on 25 October 2017, 10:31

Tags: Microsoft (NASDAQ:MSFT), Windows 10

Quick Link: HEXUS.net/qadmzy

Add to My Vault: x

Ransomware is an increasingly worrying threat for computer users, businesses and organisations. HEXUS has covered news of the largest ransomware outbreaks seen so far, like WannaCry, Popcorn Time, Cerber and so on. With Windows 10 Fall creators Update (FCU) it’s good to see some proactive OS features arrive that could stem the proliferation of such attacks.

We first reported upon Controlled Folder Access, as a preview feature in a Microsoft Windows Insider Build, back in June. Now the feature is available to all users who have updated to the latest Windows 10 FCU, if the update rollout has reached you then you will have access to this data security feature.

Earlier this week the Windows Blog wrote in detail about all the new security and management features in Windows 10 FCU. The blog highlighted 10 new security-minded features including; Windows AutoPilot, Windows Defender Application Guard, Windows Defender Advanced Threat Protection, Windows Defender Application Control, Windows Defender Exploit Guard, Windows Defender Antivirus, Windows Assigned Access, Windows Hello, Windows 10 Subscription Activation, and the topic of this article Controlled Folder Access.

The core function of Controlled Folder Access is to allow only trusted applications to access protected folders and documents. Unauthorised applications, “even a new unknown malware variant,” will not get access to the folder data even if they manage to get past other malware defences. Microsoft sounds pretty confident in this feature and claims Controlled Folder Access is “a powerful tool that can render ransomware attacks worthless”.

Controlled Folder Access comes with some defaults setup for easy operation but it is flexible in allowing you to add more folders and unique and custom applications. It will pop up alerts when unauthorised access if attempted and can be enabled and managed over enterprise networks as part of Windows Defender Advanced Threat Protection.



HEXUS Forums :: 16 Comments

Login with Forum Account

Don't have an account? Register today!
Sounds like a pretty nice feature to have on.
Simple and effective. Makes you wonder why we didn't have it a long time ago.
Isn't this what UAC is supposed to do?
Great idea, except a lot of malware code cave legitimate trusted apps to do their dirty work ;)
Had to manually add Office 2016 (64bit) applications to the exclusions.