Microsoft Releases Feature That Makes Windows 10 Immune to Ransomwares

[brambedkar59]

Windows has been hit twice by ransomware infections in the last couple of months, and thousands of computers ended up compromised after owners failed to properly protect data.

While Microsoft has indeed released Windows updates to block these infections, most of the systems that got infected weren’t actually running the latest patches, so it was very clear that the company needed to develop a solution that would keep users secure even when zero-day updates are not available.

Enter Controlled folder access. This is a new feature that Microsoft is testing right now with help from insiders that is supposed to keep an eye on critical folders and alert users whenever a specific app attempts to make unauthorized notifications.

 

[frogboy]

Very nice to know, but I guess it was only a matter of time. Untill the next version comes around. Cheers.

 

[FrFc1908]

m$ still has a lot of work to do when it comes to security related issues. but it is nice to see the are improving win 10 with each and every release , the same goes for windows defender thanks for the share!

 

[Parsh]

Nice share Great to see such to-the-point features being added to restrict various classes of malware. They sure have a lot to do here and a lot going on!

Adding a "Controlled detonation chamber" to analyse suspicious files pre-execution (like emulation?), AntiMalware Scan Interface (AMSI) especially helpful in cases like blocking payloads invited by scripts and useful for 3rd party AVs, Edge page-containers and then ATP, Device Guard etc. in their enterprise editions.... each of them reducing the need for 3rd party security modules.
Currently a lot of generalization of newly added technologies being tests is found on the internet, without clear statements regarding which editions are getting what candies. Newer EMET will be a superb addition to the Home ed.

 

[brambedkar59]

Untill the next version comes around

Windows version or malware? I guess this feature should work against any ransomware. Therefore title changed

 

[brambedkar59]

Nice share Great to see such to-the-point features being added to restrict various classes of malware. They sure have a lot to do here and a lot going on!

Adding a "Controlled detonation chamber" to analyse suspicious files pre-execution (like emulation?), AntiMalware Scan Interface (AMSI) especially helpful in cases like blocking payloads invited by scripts and useful for 3rd party AVs, Edge page-containers and then ATP, Device Guard etc. in their enterprise editions.... each of them reducing the need for 3rd party security modules.
Currently a lot of generalization of newly added technologies being tests is found on the internet, without clear statements regarding which editions are getting what candies. Newer EMET will be a superb addition to the Home ed.

I hope they do add some of the enterprise features in consumer versions too.

 

[Winter Soldier]

Good news, but saying "Windows will be immune to ransomwares" are big words.
Of course, new implementations can provide improved protection against current malcodes but malware is still in dangerous evolution, by exploiting any possible vulnerability.
Don't take me wrong, MS is working well in the right direction, but never underestimate the enemy, and especially never give up on a serious backup plan, which is the only concrete salvation in the case of ransomware infection.

 

[brambedkar59]

Good news, but saying "Windows will be immune to ransomwares" are big words.

Yup, big words indeed. (PS i only changed title from petya/Wannacry to ransomware only because it was not mentioned in the article that this new feature is only effective against petya/Wannacry)

keep an eye on critical folders and alert users whenever a specific app attempts to make unauthorized notifications.

So, a malware author can exploit a trusted app and there will be no notifications at all. At least the malware authors will have to work harder to bypass this security feature.

 

[ispx]

Good news, but saying "Windows will be immune to ransomwares" are big words.

oh yes they are big words indeed & lately microsoft has doled out many such big words.

microsoft should first focus on the internal data leaks. such data leaks will only give more access & increase capabilities of the malware makers.

 

[EASTER]

oh yes they are big words indeed & lately microsoft has doled out many such big words.

microsoft should first focus on the internal data leaks. such data leaks will only give more access & increase capabilities of the malware makers.

Couldn't agree more.

Any further or any new leaks of source and it's a whole other ball game entirely.

With the wonky rollout of Windows 8 it looks like they finally found the right ambition to tackle what really is been all along a rather ho hum experience for them, that being more proactive in the security section of their O/S.

 

[Daniel Keller]

Does this come to home versions as well?

 

[SHvFl]

Until the malware injects into explorer. LOL.

 

[orthonovum]

Until the malware injects into explorer. LOL.

exactly...

 

[tryfon]

I'm almost certain we will still see ransomware following this patch. It will decrease the amount of instances dramatically but hackers will find ways around it.

 

[jamescv7]

Not a bad feature since it's a matter of time where many users are still taken for granted to conduct backup habits.

The only problem here is to widely distribute the information of this feature to anyone who use Windows 10; so that no reason to blame if a ransomware hit a system yet again because a built in feature in OS will save for all cost.