Windows 10 will try to combat ransomware by locking up your data

Windows 10 logoThe latest Windows 10 build, today's 16232, contains a few new security features. In addition to the richer control over exploit mitigation that Microsoft announced earlier this week, the new build also includes a trial of a new anti-ransomware capability.

The long-standing approach that operating systems have used to protect files is a mix of file ownership and permissions. On multi-user systems, this is broadly effective: it stops one user from reading or altering files owned by other users of the same system. The long-standing approach is also reasonably effective at protecting the operating system itself from users. But the rise of ransomware has changed the threats to data. The risk with ransomware comes not with another user changing all your files (by encrypting them); rather, the danger is that a program operating under a given user's identity will modify all the data files accessible to that user identity.

Windows 10 will try to combat ransomware by locking up your data

In other words, if you can read and write your own documents, so can any ransomware that you run.

Microsoft's attempt to combat this is called "Controlled folder access," and it's part of Windows Defender. With Controlled folder access, certain directories can be designated as being "protected," with certain locations, such as Documents, being compulsorily protected. Protected folders can only be accessed by apps on a whitelist; in theory, any attempt to access a Protected folder will be blocked by Defender. To reduce the maintenance overhead, certain applications will be whitelisted automatically. Microsoft doesn't exactly specify which applications, but we imagine that apps from the Store would automatically be allowed access, for example.

In principle, this should impede the ability of ransomware to encrypt user data. In practice, we'll have to see just how robust Controlled folder access is. To be effective, such a safeguard would need, for example, to prevent malicious Word macros from accessing a Protected folder, even though Word itself should be allowed to read and write to the Documents directory. If ransomware can readily get a trusted application to do its dirty work for it, the protection will likely be circumvented sooner rather than later.

In the new build, Application Guard for Edge—the new system for running Edge in a special virtual machine to protect the operating system from browser-based flaws—also takes a big step forward in usability. Previously, these virtualized Edge sessions were ephemeral, with no ability to, for example, store cookies or passwords or create bookmarks. This was useful for visiting highly suspect sites, but it made the feature less than practical for routine browsing.

In today's Windows build, a separate set of persistent data is now maintained for the virtualized browser sessions. This allows a much more normal browsing experience while still offering the safeguards that virtualization provides.

Source: Ars Technica

Tags: Microsoft, OSes, Windows 10

Comments
Add comment

Your name:
Sign in with:
or
Your comment:


Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party


Last news

 
Galaxy Note10 really is built around a 6.7-inch display
 
You may still be able to download your content
 
Facebook, Messenger and Instagram are all going away
 
Minimize apps to a floating, always-on-top bubble
 
Japan Display has been providing LCDs for the iPhone XR, the only LCD model in Apple’s 2018 line-up
 
The 2001 operating system has reached its lowest share level
 
The entire TSMC 5nm design infrastructure is available now from TSMC
 
The smartphone uses a Snapdragon 660 processor running Android 9 Pie
The Samsung Galaxy A5 (2017) Review
The evolution of the successful smartphone, now with a waterproof body and USB Type-C
February 7, 2017 / 2
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /
 
 

News Archive

 
 
SuMoTuWeThFrSa
1234567
891011121314
15161718192021
22232425262728
293031    




Poll

Do you use microSD card with your phone?
or leave your own version in comments (15)