Windows 10: Anti-ransomware protection in Fall Creators Update

Page 2 of 4 FirstFirst 1234 LastLast
  1. Barman58's Avatar
    Posts : 2,781
    Windows 10 Pro x64 1803 - 17134.5 XP/Vista/Win7/Win8.1 in VM for testing
       15 Nov 2017 #11

    The simple process of storing the safety backup external to your home would improve the data security.
    Storing the drive concerned at a family Member's home, or that of a friend, or neighbour's would be Ideal - you could also make this a reciprocal arrangement where you store their data backup.

    There is also of course the option of online storage, the cost of this would obviously depend on your data size and Internet access speeds but is a possibility.

    Coming from a business/industrial background means that I do try to safeguard data more than most but even for a home user, things like family photos that cannot be replaced are worth a little time & effort (and money ), to protect
      My ComputerSystem Spec

  2.    15 Nov 2017 #12

    Its up to the user. If you are very security conscious such as not to open any attachments or links in emails or go to sites that are not trusted or shady, then you can leave it disabled. I heard that its very intrusive most of the times. But again, its up to how secure conscious is the user.

    Your ultimate protection would be common sense (like mentioned above), patch your Windows and all software, and try to run as a Limited User account (if possible).

    And of course, backup your data.
      My ComputerSystem Spec

  3.    19 Nov 2017 #13

    Bree said: View Post
    You start getting notifications that some apps you've been using for ages are being blocked.
    That's why I keep using Malwarebytes Anti-Ransomware rather than turn on Controlled Folder Access.
      My ComputerSystem Spec

  4.    24 Nov 2017 #14

    Iím a little surprised MS didnít whitelist their own exes. Kind of stupid TBO.

    There is always going to be a bit of annoyance when using protection of this type but itís needlessly intrusive when itís bugging users to grant access for applications that it should know are safe.

    IMO, they need to tweak this feature with regularly updated app whitelist definitions. Anything not whitelisted is treated as unknown, requiring permission by the user. Not perfect, but would ease a lot of pain.

    Guess itíll be another couple of years before they get this new feature out of beta. There is no way Iím activating this or recommending itís use to anyone I help.
      My ComputersSystem Spec

  5. Bree's Avatar
    Posts : 8,788
    10 Home x64 (1809) (10 Pro on 2nd pc)
       24 Nov 2017 #15

    vram said: View Post
    There is no way I’m activating this or recommending it’s use to anyone I help.
    I've been using it for over a month now. The initial rush of apps I've had to whitelist took a couple of weeks before it dropped to zero. Since then it has been completely unobtrusive. I'm leaving it turned on.
      My ComputersSystem Spec

  6.    24 Nov 2017 #16

    Thatís good. Unfortunately I donít have time to deal with that. Not myself, but for the people that will undoubtedly nag me about it.
      My ComputersSystem Spec

  7.    24 Nov 2017 #17

    vram said: View Post
    Thatís good. Unfortunately I don't have time to deal with that. Not myself, but for the people that will undoubtedly nag me about it.
    That is why it is turned off by default - for people like you. You would get nagged. Not much but you would. You don't have time and would moan about the change.

    I use the maywarebytes anti-ransomware. It was a bore for about a day to get it working smoothly but now it does.

    If you don't use one (and don't bother making non-connected backups) then all you can do is hope for the best and not complain later.

    If you make backups (and all the people who nag you do) it doesn't matter really either way. You/they can just restore.
      My ComputerSystem Spec

  8.    24 Nov 2017 #18

    vram said: View Post
    Iím a little surprised MS didnít whitelist their own exes. Kind of stupid TBO.

    There is always going to be a bit of annoyance when using protection of this type but itís needlessly intrusive when itís bugging users to grant access for applications that it should know are safe.

    IMO, they need to tweak this feature with regularly updated app whitelist definitions. Anything not whitelisted is treated as unknown, requiring permission by the user. Not perfect, but would ease a lot of pain.

    Guess itíll be another couple of years before they get this new feature out of beta. There is no way Iím activating this or recommending itís use to anyone I help.
    LOL... Yup...'nuff said

    BTW.. I had a similar issue with BD Free with over-zealous detection based on listing rather than heuristics - made me switch
      My ComputerSystem Spec

  9. Barman58's Avatar
    Posts : 2,781
    Windows 10 Pro x64 1803 - 17134.5 XP/Vista/Win7/Win8.1 in VM for testing
       24 Nov 2017 #19

    Predesigned whitelists are a serious issue for antiransomware, as any executable can be the bad one, even if it appears to be a totally benign part of the OS or a standard windows "filler" app.

    The problem with ransomware is that it targets file areas where even a standard user has full control access - Spoof a suitable OS tool that is included in a whitelist and you have full access to encrypt all the user files. But if a standard OS tool attempts to access a file area and you as the user has not initiated it then you at least have something that needs checking immediately, ( unless you a click everything you see kind of person, and those are beyond help )
      My ComputerSystem Spec

  10.    24 Nov 2017 #20

    Barman58 said: View Post
    Predesigned whitelists are a serious issue for antiransomware, as any executable can be the bad one, even if it appears to be a totally benign part of the OS or a standard windows "filler" app.

    The problem with ransomware is that it targets file areas where even a standard user has full control access - Spoof a suitable OS tool that is included in a whitelist and you have full access to encrypt all the user files. But if a standard OS tool attempts to access a file area and you as the user has not initiated it then you at least have something that needs checking immediately, ( unless you a click everything you see kind of person, and those are beyond help )
    I understand what you're saying but if I whitelist explorer.exe, (and I'm going to have to do that) then the protection of this feature for this app is null and void for that exe, anyway.

    Its the same deal with many other apps the user is obviously going to whitelist as time goes on.

    Best you can do is make sure the definitions for whitelisted exes are properly hashed with digital sigs. Incorrect Hash or missing sig triggers user prompt.
      My ComputersSystem Spec


 
Page 2 of 4 FirstFirst 1234 LastLast

Related Threads
Fall Creators Update in General Support
Has anyone installed it yet? If so did it break anything for you? Debating If I should update or not.
Solved Oct 17 Creators Fall update in Installation and Upgrade
Why is the Fall Creators update coming on Sunday instead of Tuesday? I still haven't received the April Creators update. Will Fall update skip the April update? Just curious.
Fall Creators Update in General Support
Anyone know what changes or improvements will be in the fall update?
Read more: Microsoft will call Windows 10's next update the 'Autumn Creators Update' in the UK | Windows Central Update: The Windows 10 Autumn Creators Update will be called 'Fall Creators Update' after all | Windows Central
Source: Windows 10 Creators Update provides next-gen ransomware protection Windows Security
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 03:45.
Find Us