This fall, Microsoft plans to release a new Windows Defender feature called Controlled Folder Access, which blocks and blacklists unauthorized apps from making changes to files located inside specially-designated folders.
Microsoft shipped the Controlled Folder Access feature as part of the Windows 10 Insider Preview Build 16232, released yesterday evening.
New Windows Defender feature watches over your files
The feature works in a very simple manner. Once turned on (ships disabled), Controlled Folder Access will watch over files stored inside a list of folders.
If an app makes modifications to files, Windows Defender will verify the app against a list of whitelisted applications allowed to edit those documents.
If the app is not on the list, Windows Defender blocks its execution, adds the app to a blacklist, and informs the user via a desktop notification.
Controlled Folder Access has two customizable settings. The first allows users to add custom folders that Windows Defender should watch, such as folders with family photos, work data, and others.
By default, Controlled Folder Access will watch all files found in default Windows library folders such as Documents, Pictures, Movies, and Desktop. While users can add and remove their personal folders, these default folders are hardcoded in the feature and cannot be removed.
The second customization feature allows users to add apps that can interact with files stored in controlled folders. Microsoft says that most apps are considered “friendly” and are already whitelisted. This setting should be used only to allow non-standard and rarely used apps.
The company boasts that this new Windows Defender feature will block ransomware from encrypting files. This statement shouldn’t be taken at face value. Just like malware authors adapted to Microsoft blocking automatic macro script execution in Office, they’ll adapt to Controlled Folder Access when the time comes.
New feature shipping this fall
Controlled Folder Access will ship to all Windows users in October-November, when Microsoft plans to release it for all users as part of the operating system’s major update package, codenamed Redstone 3, or the Fall Creators Update.
Users will be able to find this feature in the Windows Defender Security Center, under the “Virus & Threat Protection” option (second icon on the left).
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.