Wednesday, July 05, 2017

This Step Would Seem To Be A Little Later Than It Might Have Been! One Global Ransomware Attack Should Have Been Enough!

This appeared last week:

Microsoft to help users guard against ransomware

Microsoft will introduce a feature in its next build of Windows 10 to allow users to protect folders in order to prevent their contents being encrypted in the case of a ransomware attack.
The feature is in Windows 10 Insider Preview Build 16232 for PCs which is being released to Windows Insiders in the Fast ring today (Australian time).
The build is expected to be released to all Windows 10 users later this year.
Called controlled folder access, the feature is part of Windows Defender, Microsoft's own anti-malware application.

Applications can be whitelisted to write to files in these folders and any unauthorised applications will not be allowed to tamper with files.
Two recent attacks have led to many users losing access to files. WannaCry last month spread rapidly around the globe while a more recent attack, a few days ago, led to many users losing access to files forever.
In a blog post, Microsoft said: "Controlled folder access monitors the changes that apps make to files in certain protected folders. If an app attempts to make a change to these files, and the app is blacklisted by the feature, you’ll get a notification about the attempt.
More here:
There is also coverage here:

Microsoft to release security-focused Win10 update

By Juha Saarinen on Jun 28, 2017 8:25AM

EMET comes to flagship OS.

The next major update for Microsoft's Windows 10 operating system will contain advanced security enhancements to protect against new cyber threats released in the wild at a rapid pace, the company said.
For the upcoming Windows 10 creators update, Microsoft intends to integrate new features into the Windows Defender Advanced Threat Protection (ATP) security tool.
It will resurrect parts of its Enhanced Mitigation Experience Toolkit (EMET), which aims to protect customers against new bugs before they're exploited.
EMET was deemed unnecessary on Windows 10 but customer feedback forced Microsoft to make it native to the operating system.
In particular, Microsoft will make the EMET Windows Defender Exploit Guard intrusion detection and prevention system available on Windows 10. WDEG obtains intelligence from Microsoft's Intelligent Security Graph cloud analytics system and provides built-in rules and policies to block intrusion attempts and threats.
More here:
All I can say is better late than never. Anything to help manage the scourge of ransomware can only be a good thing!
David.

No comments: