Tuesday, July 4, 2017

Windows 10 to Get Built-in Protection Against Most Ransomware Attacks

How to Enable Controlled Folder Access, Whitelist Apps and Add or Remove Protected Folders


Here's how to enable the Controlled folder access feature:

  • Go to Start menu and Open the Windows Defender Security Center
  • Go to the Virus & Threat Protection settings section
  • Set the switch to On

Here's how to allow apps that you trust is being blocked by the Controlled folder access feature to access Protected folders:
windows10-controlled-folder-access-ransomware-protection


  • Go to Start menu and Open the Windows Defender Security Center
  • Go to the Virus & Threat Protection settings section
  • Click 'Allow an app through Controlled folder access' in the Controlled folder access area
  • Click 'Add an allowed app' and select the app you want to allow

Windows library folders like Documents, Pictures, Movies, and Desktop are designated as being compulsorily "protected" by default, which can not be removed.

windows10-controlled-folder-access-ransomware-protection

However, users can add or remove their personal folders to the list of protected folders. Here's how to add folders to Protected folders list:

  • Go to Start menu and Open the Windows Defender Security Center
  • Go to the Virus & Threat Protection settings section
  • Click 'Protected folders' in the Controlled folder access area
  • Enter the full path of the folder you want to monitor

Users can also enter network shares and mapped drives, but environment variables and wildcards are not supported at this moment.

Other Security Feature Introduced in Windows 10 Insider Program


With the release of Windows 10 Insider Preview Build 16232, Windows Defender Application Guard (WDAG) for Edge — a new system for running Microsoft Edge in a special virtual machine in order to protect the OS from browser-based flaws — also received improvements in usability.

Windows 10 Insider Preview Build also comes with support for Microsoft Edge data persistence when using WDAG.
"Once enabled, data such as your favorites, cookies, and saved passwords will be persisted across Application Guard sessions," Microsoft explains.
"The persisted data will be not be shared or surfaced on the host, but it will be available for future Microsoft Edge in Application Guard sessions."
Another new security feature called Exploit Protection has been introduced in Windows 10 16232, which blocks cyber attacks even when security patches are not available for them, which means the feature will be useful particularly in the case of zero-day vulnerabilities.

Exploit Protection works without Microsoft's Windows Defender Antivirus tool, but you can find the feature in Windows Defender Security Center → App & Browser Control → Exploit Protection.

In the Fall Creators Update for Windows 10, Microsoft has also planned to use a

No comments:

Post a Comment

SQL Injection to WebShell

An SQL Injection attack is not only limited to dumping a database, but can also allow the attacker to upload files to the remote server an...