October 26, 2017
Windows 10 Adds Anti-Ransomware Feature in Fall Update
Encryption keeps our personal information safe, whether it’s stored on a smartphone or in the cloud. However, encryption can also ruin your day if you pick up some ransomware on the internet. These nasty bits of code will lock down your computer and encrypt your files. Only by paying an often exorbitant Bitcoin ransom will you be able to decrypt the data. Ransomware attacks have become widespread in recent years, and most of the target Windows machines. Microsoft thinks it has a way to prevent ransomware from extorting money from Windows 10 users, and it’s called Controlled Folder Access.
This new feature is rolling out as part of the latest Fall Creators update. This update has a number of more widely publicized features like Mixed Reality, an improved Photos app, voice activation for Cortana, and more. When you install the update, Controlled Folder Access will be hiding in there as well. In past versions of Windows, any application you have installed could access your data, but that changes with Controlled Folder Access.
Most ransomware knows where to hit you hardest — it goes straight for user folders like photos, videos, and documents. Before the addition of Controlled Folder Access, there was nothing stopping ransomware from waltzing in there and encrypting all your files. Even if you managed to copy the data off and reformat your PC, the files would be locked forever without the decryption key. Ransomware authors claim to provide that key after getting the equivalent of several hundred dollars in Bitcoin, but that’s never a guarantee.
Controlled Folder Access blocks ransomware by limiting what apps can access your personal files. Only applications bundled with the system and those you specifically authorize can make changes in those folders. As for which folders are protected, the default is the standard user directories where most people keep their files. However, you can add more folders to the list in your system security settings. Windows also alerts you when an unauthorized app tries to access a protected folder.
The current build of Windows 10 has Controlled Folder Access disabled by default. To enable it, open Windows Defender and click on the shield icon, then “Virus and threat protection settings.” It would be nice if Microsoft could find a way to make this the default setting without confusing people too much. Controlled Folder Access won’t slow down the growth of ransomware until it’s active on most computers. Hit your Windows update center if you’re on an older build of Windows 10 — the Fall update should be live for most systems.