Microsoft explains how its next-gen security can protect files from being encrypted by ransomware extortionists.
The Windows 10 Fall Creators Update is rolling out now with a security feature that can prevent ransomware from encrypting your files.With Microsoft making headway on the Windows 10 Fall Creators Update rollout, the new anti-ransomware feature, called Controlled folder access, is now becoming widely available.
It works by only allowing whitelisted apps to access files in the Controlled folder list. Users can add new folders to the protected zone and adjust which apps are authorized to access files in it.
Microsoft has been testing the feature with Windows Insiders since July but now it’s making its way to the general public.
Consumers can enable the feature through the Windows Defender Security Center app by clicking the shield icon and toggling on Controlled folder access. It automatically protects Windows system folders and default locations such as Documents, Pictures, Movies, and Desktop.
Users can also add other folders and other drives by clicking the shield icon in the Windows Defender Security Center and clicking through to the Virus and threat protection settings.
The feature also issues alerts when an unapproved app attempts to access or modify files.
Controlled folder access may be trickier for enterprises to deploy as it’s a new technology and could block legitimate apps from working.
To assist enterprises, Microsoft suggests admins run Controlled folder access in audit modeto test its impact.
Admins can enable Controlled folder access via the Windows Defender Security Center, Group Policy, PowerShell, or via a mobile device management configuration service provider. They can also manage which folders are protected and which apps are whitelisted through these tools.
Microsoft automatically allows a set of apps it considers trustworthy to access files protected by Controlled folder access. Admins can use Windows Defender Security Center app or Group Policy to add and remove apps that can access these files.
In the enterprise, Controlled folder access is one of four components of the Fall Creators Update’s Windows Defender Exploit Guard, along with Attack Surface Reduction (ASR), Network protection, and the EMET-based Exploit Protection.
ASR requires enabling Windows Defender antivirus and can prevent common techniques used in malware, by blocking hidden macro code and stopping Office apps from creating executable content.