A below-the-radar security feature in the Windows 10 Fall Creators Update, aka version 1709 released last week, can stop ransomware and other file-scrambling nasties dead.
Though controlled folder access has been known about for months – it surfaced with Insider builds earlier this summer – the feature is only now being thrust into the spotlight with the general public release of the Fall Creators Update for Windows 10.
The feature is enabled through the Windows Defender Security Center App for most users, and is accessed by opening the virus & threat protection screen within Defender. From there, users switch on the controlled folder access option to activate controlled folders.
Windows Fall Creators Update is here: What do you want first – bad news or good news?
For enterprise users and administrators, controlled folder access can also be activated through PowerShell, Group Policy, and MDM configurations.
Once the feature has been activated, essential directories like the user’s documents folder are locked off from any malicious applications that seek to encrypt files to hold them to ransom, or scramble them to destroy them. Users can also designate additional folders to be protected from unauthorized changes.
The idea, says Microsoft, is to lock away data from any ransomware infection.
“This feature protects your files from tampering, in real-time, by locking folders so that ransomware and other unauthorized apps can’t access them. It’s like putting your crown jewels in a safe whose key only you hold,” explained Microsoft today.
“Cybercriminals can’t extort money if they can’t encrypt your files. Controlled folder access is a powerful tool that can render ransomware attacks worthless.”
Intent is all well and good, but how does the new Windows 10 security feature perform in the wild? According to researchers, the initial results have been encouraging. The mechanism was able to stop the Locky ransomware.
— GrumpSec Spottycat (@kyhwana) October 22, 2017
It goes without saying, those who can activate the controlled folder access on their Windows machines should definitely do so.
Meanwhile, in Azure land…
Microsoft has inked a deal with Cray to allow folks to run one of the latter’s supercomputers inside an Azure data center.
The idea, as reported by our sister site The Next Platform, is to allow organizations to deploy high-performance applications on Cray iron right next to code and data in cloud services on Azure. ®