Windows 10 Insider Preview Build 16232 set to fight ransomware

ransomware
Credit: CC0 Public Domain

(Tech Xplore)—Something called the Windows 10 Insider Build is offering a peek at what is in store, and the message is clear that Microsoft is fighting the good fight against malware havoc.

The new Windows 10 Inside Preview was released to some Insiders on Wednesday; reports are out about what new features Microsoft has in mind.

With all the recent spotlights on , it comes as no surprise that, for Insider Preview 16232, most of the are aimed at improving security.

Windows Insiders can try out Preview Build 16232, which brings a new 'Controlled Folder Access' feature to the OS, designed to protect your from ransomware, said TrustedReviews.

Essentially, Windows 10 is fighting ransomware by locking up your data. Windows Latest wrote Friday that "Users could soon hide important files from ransomware soon in Windows 10." Hot Hardware said, Windows 10 Fall Creators Update neutralizes ransomware with controlled folders.

Just what is Controlled Folders—as this seems to be the main talking point about the preview.

Reports said that the Controlled Folder Access feature in the upcoming OS update will prevent malware and untrusted software from making changes to files.

Fortune said the feature aims to protect files from threats by monitoring changes made to contents within a controlled folder. Trusted apps can be added through the Controlled Folder Access Panel.

This is how Dona Sarkar, software engineer, Windows and Devices Group, described the feature to the OS:

"Controlled folder access monitors the changes that apps make to files in certain protected folders." "If an app attempts to make a change to these files, and the app is blacklisted by the feature, you'll get a notification about the attempt."

TrustedReviews: "When turned on, the feature only allows specific apps to access and write to certain folders, with desktop, pictures, movies, and documents folders included on the list of protected folders by default."

Peter Bright, technology editor, Ars Technica: "With Controlled folder access, certain directories can be designated as being 'protected,' with certain locations, such as Documents, being compulsorily protected. Protected folders can only be accessed by apps on a whitelist; in theory, any attempt to access a Protected folder will be blocked by Defender. To reduce the maintenance overhead, certain applications will be whitelisted automatically."

Ransomware has figured prominently in recent news. Pedro Hernandez, eWEEK, on Friday noted the events that caused widespread concern. "Last month, the WannaCry ransomware attack spread like wildfire, shutting down hospitals in the U.K. and encrypting files at Spanish telecommunications company Telefonica. This week, some European businesses and government agencies fell victim to a widespread attack by the Petya strain of ransomware."

Hernandez said, "In light of recent ransomware outbreaks, concerned IT executives may welcome Microsoft's decision to provide an early look at some of the advanced security included in the upcoming Windows 10 Fall Creators update."


Explore further

'Ransomware' wave seemed aimed at old flaw and Ukraine

More information: blogs.windows.com/windowsexper … #6b53WFT0RLetZOv2.97

© 2017 Tech Xplore

Citation: Windows 10 Insider Preview Build 16232 set to fight ransomware (2017, July 1) retrieved 20 October 2019 from https://techxplore.com/news/2017-07-windows-insider-preview-ransomware.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
28 shares

Feedback to editors

User comments

Jul 02, 2017
This is a good idea, but if they implement it wrong it will just become another pop-up window we all click through without reading...

Jul 02, 2017
Great idea, but if they hack/infect the white-listed apps then you're back to square one. They need to add hash keys to all the protected apps, not sure how to protect against stack smashing, if the user opens "corrupt data files" and it implements a remote door or application for the hacker then again you're back to square one. Application key hashing is a must for this to have any benefit.

Jul 02, 2017
This is a good idea, but if they implement it wrong it will just become another pop-up window we all click through without reading...


And more lock-in since applications not from/through microsoft will be blacklisted by default.

Jul 02, 2017
Now this is something all Microsoft WIN users will hope is successful; but this is still a matter of Microsoft patching all the elusive vulnerabilities within the operating system.. and it still makes sense for all WIN OS users to back up their computers once a week to minimize the possibility of lost data from ransomware.

Jul 02, 2017
"it still makes sense for all WIN OS users to back up their computers once a week to minimize the possibility of lost data from ransomware."

I am using Linux; I have been using it since 1995, and I would never use Windows. In any case, I am backing up my system three or more times every day, to different media (external disks and second computer). It is really easy and fast by using rsync. Incidentally, a used computer for second computer is quite cheap, and runs like new if one installs Linux. Besides, Linux is almost totally immune to ransomware.

Jul 02, 2017
"Linux is almost totally immune to ransomware"

Is that a joke ??

Why don't you do a search on exploit DB for "Linux Escalation" ?

Linux has bugs and exploits that don't get caught for years because no one is getting paid to fix them !

Jul 03, 2017
"Great idea, but if they hack/infect the white-listed apps then you're back to square one. They need to add hash keys to all the protected apps"

I'm betting they will do this hash based. Though it's going to be tricky. If the app gets updated the hash will change. I don't think lock-in will be an issue because Microsoft would get sued again (as they did when they tried this with the internet explorer - I think they learned their lesson). It will be user's discretion which apps to whitelist for a folder.

In any case Microsoft doesn't make software for all kinds of applications, so they need to have a mechanism which will allow 3rd party software to be whitelisted.

" if the user opens "corrupt data files" and it implements a remote door"

Since only you will be able to write data to the folder via the whitelisted apps there shouldn't be any corrupt data files.

Jul 03, 2017
That's what phishing is all about, how many suspect emails do we get per day trying to get us to open a .docx or a pdf, click that link etc ? (I administer a small company and we are getting anywhere up to a dozen a day and we use death2spam which filters out at least twice that per day), let alone drive by website exploits, infected ads are also a big problem.

The hashing is definitely tricky for third party software but Microsoft are well along the path of certifying software, introducing a "Hash to publish" isn't that hard from a developers point of view, but it will likely impact the open source community until they get on board with it.

We send out pdfs for quotes and invoicing everyday, you can't do business without opening a document created offsite, that's why phishing is so effective.

Jul 03, 2017
If you really want to know how easy it is, I'd recommend one of the white hack hacking courses on Source Forge, it's an eye opener just how easy it is to crack windows or any OS for that matter, DEP isn't a barrier and all the tools you need are freely available online, install Kali Linux and you're off.

If a hacker has the time and the inclination they have a very good chance of success on a targeted attack.

The more ports you have open and the more services you are running the more vulnerable you are, and every emailed document you open has a chance of compromising your workstation and therefore your network, time and persistence is all they need.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more