Advice Request Is the new Windows 10 ransomware protection enough to keep you safe?

  • Thread starter Deleted member 178
  • Start date

Please provide comments and solutions that are helpful to the author of this topic.

Do you use the new protections features introduced with the Fall update?

  • Yes, All of them.

    Votes: 11 20.0%
  • Yes but only some.

    Votes: 19 34.5%
  • Not yet, but maybe later, i still observing

    Votes: 15 27.3%
  • No, i don't need or trust them.

    Votes: 10 18.2%

  • Total voters
    55
Status
Not open for further replies.
D

Deleted member 178

Thread author
Emsisoft has been in the ransomware protection game for a long time. Over the years, we’ve continued to hone our software and today we’re proud to offer one of the best products in the industry when it comes to protecting users against illegal encryption tactics.

Unfortunately, many PC users still rely solely on Windows’ own protection measures. Despite Microsoft making some improvements to its security software in recent years, Windows Defender remains far from a perfect solution. In fact, in a recent AV-Test assessment of 18 security Windows 10 security suites, Windows Defender was ranked last equal due to sub-par protection and performance.

Nevertheless, we’re happy to see Microsoft taking a more proactive approach to security with the arrival of the latest Fall Creators Update, which includes, among other things, a dedicated ransomware protection feature.

Is it any good? How does it compare to Emsisoft’s Anti-Ransomware module? And, most importantly, is it enough to keep your computer safe?

Let’s find out.

Read more here
 

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
YEP, it is enough to keep me safe (with SRP at basic user and UAC only allowing signed to elevate) Exploit protection and Secure Folders are great improvements

Adding a program as allowed to Secure Folders Access also seems to bypass SRP in BASIC USER mode (which is great news for w10 home users, just run the SRP reghack and you can add exceptions through Controlled Folder Access).
 
Last edited:

spaceoctopus

Level 16
Verified
Top Poster
Content Creator
Well-known
Jul 13, 2014
766
Nice security update from windows,but personally i would stick with Emsisoft.
Emsisoft ransomware protection is 'battle tested' and has proven to be extremely effective.Even more effective than the ransomware protection of bigger and more expensive,'next gen' suites.

Protected folder by Microsoft is not bad,but very new(for windows).It still has to prove its effectiveness.Other products such as Avast,Bitdefender and Panda use this methodoly,and quite often fail to protect the files.So, nothing really new here, and certainly not bulletproof.
 
Last edited:

DJ Panda

Level 30
Verified
Top Poster
Well-known
Aug 30, 2015
1,928
I've been sticking with Emsisoft but have periodic scanning enabled for Windows Defender. Everything else was default so I don't know if I have exploit or extra ransomeware protection. Looking forward to see even greater improvement for both products as time goes on. :)
 

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
Average Joe will end up with encrypted files figuring out how to use new FCU security features.

Better use Emsisoft. It is easier for average Joe to figure out HOW to use.

I just asked average Joe. Average Joe had never heard of EAM, he did not know WHAT I was talking about.

Then I explained Average Joe that EAM is a paid Antivirus as alternative for the free Antivirus that came with his PC. Average Joe asked me: dude WHY pay for something I already got for free?

My guess: EAM does not have that many Average Joe users, because you need some knowledge about security to understand the benefits of EAM over WD.

Even when Average Joe know's WHAT AEM is/does, Average Joe has not figured out WHY use EAM, so the HOW (to use) question is irrelevant.
 
Last edited:

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
No, I just use NTFS permissions, it works the same (tested on wannacry, unwillingly). :)

I only give System+Admin write+delete access to my quick backup folder on Windows 7. Elevated processes have still access. So my implementation is not water tight. How have you set the NTFS-ACL file permisisons for what users?
 

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
How have you set the NTFS-ACL file permisisons for what users?
Admins - full access, Users - reading only, SYSTEM - blocked. It is actually great, that most ransomware/UAC bypasses use system rights, easily blocked.

P.S.: I have got UAC (admin account) with a password, even-though it is just one letter, it is hard to bypass. :ROFLMAO:
 

Attachments

  • capture_07302017_205032.jpg
    capture_07302017_205032.jpg
    67.9 KB · Views: 443

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
Admins - full access, Users - reading only, SYSTEM - blocked. It is actually great, that most ransomware/UAC bypasses use system rights, easily blocked.

P.S.: I have got UAC (admin account) with a password, even-though it is just one letter, it is hard to bypass. :ROFLMAO:

Okay that is SMART (using ransomware eagerness to obtain highest rights) thanks, will experiment with SYSTEM rights DENY (y)
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I just asked average Joe. Average Joe had never heard of EAM, he did not know WHAT I was talking about.

Then I explained Average Joe that EAM is a paid Antivirus as alternative for the free Antivirus that came with his PC. Average Joe asked me: dude WHY pay for something I already got for free?

My guess: EAM does not have that many Average Joe users, because you need some knowledge about security to understand the benefits of EAM over WD.

Even when Average Joe know's WHAT AEM is/does, Average Joe has not figured out WHY use EAM, so the HOW (to use) question is irrelevant.
Even above-average Joe is better off with 3rd party security softs than trying to machete his way through the jungle of Windows advanced security.
 
5

509322

Thread author
Average Joe can barely use Windows and Windows Defender. They know there is a power chord and a power button and not much else. Windows registry - what's that ? UAC - what's that ? Signed process - what's that ?

One minute explaining in explaining Windows tweaks and you've already lost them. The average Joe thinks "Tweak" is a character on the TV cartoon series "South Park" if they even know it.

Microsoft's new security features are not appropriate for everyone on the planet. Probably more like not appropriate for at least 50 % of all Windows users because they don't have the requisite knowledge to use those features. EMET pretty much always was in the domain of security soft geeks and the way Microsoft integrated exploit guard into Fall Creator's Update made it no more user friendly.

Average Joe (the 50+ %) would benefit\needs prepackaged security but Microsoft is doing its best to convince him he doesn't need it. The new W10 security features require a user to actually know what they are and how to configure them.

Complex issue with no right nor wrong single answer.

The solutions for each individual are likewise complex.
 
Last edited by a moderator:
P

plat1098

Thread author
Voted "no"--not an issue of trust, just do not need them. It is a combination of 3rd party standalones that I use with a souped-up Windows Defender (PowerShell? Run as Administrator? What's that?). I use Group Policy for paid/Windows Defender on another machine--more real and working class than the cutely glossy yet persistently obscure offerings in the revamped Defender interface. Just not my style.
 

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
One minute explaining in explaining Windows tweaks and you've already lost them..

Well that was my point also about explaining the benefits of EAM above WD or AppGuard. SO we agree on that. There is another question I am thinking about. I still have not made my mind up, why M$ released those features in a mass market product.

Are they so naive that they don't understand that the new features are to complex for average Joe or are they so mean that they provide advanced features in WD to lure advanced users away from paid AV-products?

:rolleyes:
 
5

509322

Thread author
Well that was my point also about explaining the benefits of EAM above WD or AppGuard. SO we agree on that. There is another question I am thinking about. I still have not made my mind up, why M$ released those features in a mass market product.

Are they so naive that they don't understand that the new features are to complex for average Joe or are they so mean that they provide advanced features in WD to lure advanced users away from paid AV-products?

:rolleyes:

I don't know. Your guess is as good as mine.

One time I had a company owner call me on an emergency basis to his business because he said none of his employees' workstations could connect to the company server. When I got there, the server was not plugged into the outlet.

Maybe Microsoft is doing equally mindless stuff or maybe as you speculate it is some sinister master plan. When it comes to Microsoft one can never know. One thing is certain, Microsoft does what it wants without consulting anyone.
 

Aktiffiso

Level 8
Verified
Aug 24, 2013
395
Hi i read in this post Is the new Windows 10 ransomware protection enough to keep you safe? umbra said you can use this feature alongside emsisoft it means are compatible? how can we use togheter?. Does anybody use it? Any issues? Maybe dont take in count but dont you think emsi must try to create a easy way to install and use emsi alongside this feature?

Quote

Umbra@Emsisoft
Mod novos716 hours ago
You can enable it (and so Windows Defender) by unticking "Activate Windows Defender Security Center integration" checkbox in Emsisoft Anti-Malware's Settings tab.

 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top