Windows 10 October 2018 Update refines ransomware protection
- 04 October, 2018 04:57
Microsoft is rolling out its latest major Windows 10 feature update, the October 2018 Update or version 1809, bringing with it a shortcut to customizing its ransomware protection feature, Controlled Folder Access.
Controlled Folder Access debuted in the Windows 10 Fall Creators Update a year ago, a feature aimed at limiting the impact of ransomware by allowing users to control what folders can be accessed by apps.
The feature is available on pre-1809 versions of Windows 10 through the Windows Defender Security Center within “Virus & Threat protection”. Once enabled, users can nominate folders to protect by adding them to “Protected folders”, which prevents most apps from accessing and changing files within the folders. Users could then whitelist other apps they approve for accessing the protected folders.
The catch with enabling Controlled Folder Access is that Microsoft takes a conservative approach to determining what apps, by default, can access files in Protected folders. As such, sometimes safe apps are identified as harmful and then are prevented from accessing folders, which in turn prevents the apps from working as expected.
Microsoft has now made it easier to give permission for recently blocked apps to access files within protected folders. Following the same steps to “add an allowed app” through Controlled folder access, Windows 10 users will see a new option to add “recently blocked apps” to the allowed list.
This should make it easier than browsing through all apps to decide which ones should or should not be granted access to protected folders. The previously available way of browsing all apps is still available.
Controlled Folder Access still lives in the main security interface of Windows 10, but as of the Windows 10 October 2018 Update, Windows Defender Security Center is now simply called "Windows Security”.
Within Windows Security Windows 10 users can now allow a recently blocked app by opening “Virus & Threat protection” within the Windows Security app, clicking “Ransomware protection”, and then going through to “Allow an app through Controlled folder access”. The new option to add “Recently blocked apps” will appear in a popup.
Given the potentially dire consequences of ransomware infections, lowering the barriers to using a security feature that shields data from it is a good move on Microsoft’s part.
To access Controlled folder access controls, users should select Start > Settings > Update & Security > Windows Security > Virus & threat protection. Users should then select Manage settings, and under Controlled folder access, then select Manage Controlled folder access. From there they can set Controlled folder access to on or off.
There are also changes to how Windows 10 will display information about third party antivirus in the Windows Security app.
Microsoft has added a new page within Windows Security called “Security providers” that displays all antivirus, firewall, and web security services running on a device. Users should be able to resolve issues reported about these apps through the Windows Security app, including links to other security apps.
Microsoft is establishing a new process for third party antivirus that requires vendors to register with Windows Security Center (WSC) before they appear within the Windows Security user interface. Until that registration is completed, Windows Defender Antivirus will remain enabled side-by-side with these products.