Microsoft Experimenting with Controlled Folders in Windows 10 against ransomware
Click here to post a comment for Microsoft Experimenting with Controlled Folders in Windows 10 against ransomware on our message forum
Exascale
About time M$ did something. Have had exploit mitigations since 2013 and ransomware protection for a while.
RealNC
I got access to the source code of that feature:
buhehe
asturur
i think it will block nothing and make everything slower.
To protect some folders the software has to listen to each write access, check the app, return something, then the write/change can happen right?
sykozis
Now they just need to add something to protect against MS ignorance.....and a feature to protect users from MS Customer Support's hatred of customers...
PrMinisterGR
This is just an ACL rule that says that an application that hasn't create a specific folder, then it can't change it. Which makes sense and it would block the vast majority of ransomware, since they won't be able to write to folders they haven't created. The comments in this thread gave me a brain tumor.
DeskStar
sykozis
tsunami231
chronek
"When users mark a folder as being a Controlled Folder, then only software which is not blacklisted can make modifications". So you will have to wait for microsoft to blacklist new malware, is it any difference between waiting for releasing patch and waiting for blacklist? Will it blacklist suspicious behavior automatically? Will it blacklist windows itself? If you not mark folder then will windows defender allow harmful software to modify everything? Or will it just block everything what is not from ms store?
fry178
A feature i can already get in form of a small prog thats free and not from MS..
Cyberreason protection..
Fox2232
PrMinisterGR
sykozis
HeavyHemi
PrMinisterGR
sykozis
I'm using the "default" account on my system and it clearly states "Administrator" in the account info screen... I'm running Windows 10 build 1703
Click here for Screenshot
PrMinisterGR
disabled since Vista.
The administrator you see in your screenshot is your account's escalation allowance. The actual administration account has full privileges and requires no escalation. There is a ton of difference in what they can do.
Sorry, I was mistaken. The admin account is actually Fox2232
rl66
I like all the effort to secure Windows...
But all of this is already in most Linux distro as it is logical. 😛c1:
*edit* and unix based OS too btw