Regardless of technological advancements there’s no way to stop ransomware from spreading. Attackers are becoming smart and they leave no stone unturned to exploit system weaknesses and steal your data. If you haven’t witnessed any of these attacks consider yourself lucky. But it won’t be long before you are in its grasp, so better beware.
Ransomware is a type of malware that encrypts your files and locks you out of your own system. There’s a need of additional layer of security as antivirus software alone cannot suffice. Microsoft understands it and therefore has introduced a major security feature Controlled Folder Access in Windows Defender Exploit Guard.
Controlled Folder Access In Windows 10
This is a security feature which comes with Windows 10 Fall Creators Update (v1709). Designed to block ransomware from encrypting files located in the protected folder. Encryption of files by ransomware and other unauthorized apps causes data loss that cannot be allowed as it disturbs all operations. Controlled Folder Access protects critical folders and locks them down if any unauthorized access is noticed. Irrespective of admin privilege all unauthorized apps including malicious and suspicious executable files, DLLs, scripts, and others are denied access.
How It Works?
As the name suggests, Controlled Folder Access gives user the control to grant access to crucial folders. It works on “block everything by default” philosophy, which means it will block the ransomware at the basic level when it attempts to access and encrypt files stored in secured folders. Thus, serving the purpose of protecting critical file against a ransomware infection. Once enabled it allows only the friendly apps trusted by Microsoft and user to make modifications to the personal files and folders.
However, there’s an important thing you must know the feature won’t be able to protect you against malware viewing and making copies of the files. It will only block malware from making any changes to the files. This means, if there is a malware on your machine it can make copies of your files but won’t be able to overwrite protected files or delete them.
Download the update by clicking here
How To Enable Controlled Folder Access?
Step 1: Open Windows Defender Security Center by typing it in the Start Search field.
Step 2: Now click on the shield shaped icon “Virus & threat protection” from the left pane of “Windows Defender Security Center”. Next click on “Virus & threat protection settings” option.
Step 3: Now scroll down to look for “Controlled folder access” section. Click the On/Off toggle to enable it.
Step 4: Next select the “Protected folders” sub option and click on “Add a protected folder” to add more folder to restrict access.
This way you can make your own list of selected folders to protect.
Grant Access To Trusted Programs
Windows is smart it has already done half the work by whitelisting known programs that do not pose a threat to your system. All these allowed apps will be able to make modifications to the files in protected folders. When a suspicious program will try to make any changes to the protected files, they will be blocked automatically. The user will see an error message “Unauthorized changes blocked”
If you receive this message then to grant access you will have to added it to the whitelist.
Step 1 : To do head to Windows Defender next Virus & threat protection now click on Virus & threat protection settings.
Step 2: Now click on Protected folders (Allow an app through Controlled folder access).
Step 3: Click on Add an allowed app browse to the programs location you want to add.
Other Ways To Enable Controlled Folder Access:
You can enable the feature through the Powershell command: Set-MpPreference -EnableControlledFolderAccess Enabled or via Group Policy Management Console.
You are now secured and have enabled Controlled Folder Access. If any unauthorized program will try to access or edit any of the files added to protected list you will receive a warning message in Windows Notification sidebar and it will be blocked then and there. Plus, an entry will be made in the Windows event log mentioning the unauthorized access. Make sure you enable real time protection in Windows Defender to make Control Folder Access work in real time.
Default Protected Folder
By default, all your Library folders such as Documents, Pictures, Videos, Music Favorites and Desktop are added to the protected list. If you want you can add more to the list by following the steps explained above. Additionally, note once you have added a folder to the list you cannot alter the folders location or move protected folder from one place to another. If you try to do so the folder won’t be protected.
In today’s world, nothing is secure and your online data can be compromised anytime. Therefore, one should be cautious. This new security feature may not be a full-fledged to stop ransomware attack but it will surely protect your data. It may look alike to many others but it is different in many ways.
In a recent blog post Microsoft said, “This feature protects your files from tampering, in real-time, by locking folders so that ransomware and other unauthorized apps can’t access them.” They further added “It’s like putting your crown jewels in a safe whose key only you hold. Controlled folder access is a powerful tool that can render ransomware attacks worthless,” Microsoft added.”
With Controlled folder access enabled, cybercriminals can’t extort money since they can’t encrypt your files.