Windows 10 security: Here's how to shield your files from ransomware, says Microsoft

Microsoft explains how its next-gen security can protect files from being encrypted by ransomware extortionists.
Written by Liam Tung, Contributing Writer

The Windows 10 Fall Creators Update is rolling out now with a security feature that can prevent ransomware from encrypting your files.

With Microsoft making headway on the Windows 10 Fall Creators Update rollout, the new anti-ransomware feature, called Controlled folder access, is now becoming widely available.

It works by only allowing whitelisted apps to access files in the Controlled folder list. Users can add new folders to the protected zone and adjust which apps are authorized to access files in it.

Microsoft has been testing the feature with Windows Insiders since July but now it's making its way to the general public.

Consumers can enable the feature through the Windows Defender Security Center app by clicking the shield icon and toggling on Controlled folder access. It automatically protects Windows system folders and default locations such as Documents, Pictures, Movies, and Desktop.

Users can also add other folders and other drives by clicking the shield icon in the Windows Defender Security Center and clicking through to the Virus and threat protection settings.

The feature also issues alerts when an unapproved app attempts to access or modify files.

Controlled folder access may be trickier for enterprises to deploy as it's a new technology and could block legitimate apps from working.

To assist enterprises, Microsoft suggests admins run Controlled folder access in audit mode to test its impact.

See also: Ransomware: An executive guide to one of the biggest menaces on the web

Admins can enable Controlled folder access via the Windows Defender Security Center, Group Policy, PowerShell, or via a mobile device management configuration service provider. They can also manage which folders are protected and which apps are whitelisted through these tools.

Microsoft automatically allows a set of apps it considers trustworthy to access files protected by Controlled folder access. Admins can use Windows Defender Security Center app or Group Policy to add and remove apps that can access these files.

In the enterprise, Controlled folder access is one of four components of the Fall Creators Update's Windows Defender Exploit Guard, along with Attack Surface Reduction (ASR), Network protection, and the EMET-based Exploit Protection.

ASR requires enabling Windows Defender antivirus and can prevent common techniques used in malware, by blocking hidden macro code and stopping Office apps from creating executable content.

Previous and related coverage

Windows 10 Fall Creators Update: New features to try, but don't rush to install it

The fourth feature update to Windows 10 is here now. It's packed with a wide assortment of new and refined features, including some new security options designed to block zero-day exploits and ransomware. But should you upgrade now?

Windows 10 Fall Creators Update: Microsoft shows off Fluent Design

Microsoft offers a glimpse of how its new Fluent Design is evolving the Windows 10 experience.

Read more on ransomware

Editorial standards