Windows 10: Change Windows Defender Controlled Folder Access Settings - Windows 10  

Page 6 of 6 FirstFirst ... 456
  1.    2 Weeks Ago #50

    Firefox trying to make changes to %userprofile%\Desktop is driving me crazy!

    Since a browser is the first to face the threats, how safe is to add it to the exception list?
    I'm worried about worms and other stuff that could hijack the .exe
      My ComputerSystem Spec

  2. Posts : 10,759
    Windows 10 (Pro and Insider Pro)
       2 Weeks Ago #51

    Jack07 said: View Post
    Firefox trying to make changes to %userprofile%\Desktop is driving me crazy!

    Since a browser is the first to face the threats, how safe is to add it to the exception list?
    I'm worried about worms and other stuff that could hijack the .exe
    Same thoughts here... I'm not adding it to exceptions for now. On the other side, if browser is compromised and you're running it as admin, the damage is already done...
      My ComputerSystem Spec

  3. Posts : 31
    Windows 10 Pro 64 bit Creators Update
       2 Weeks Ago #52

    Cliff S said: View Post
    Tried it for about 15 minutes then turned it off again

    It was blocking OneDrive & File Explorer from making changes, and if I need to white list Microsoft's own built in software, to me anyhow, disaster is preprogrammed

    Oh, and it even blocked me from restoring something from the recycle bin!
    Sadly this is yet another software from Microsoft that is poorly designed. If one with at least half a brain looked into this mess and redesigned "Protected Folders" it could be a useful software. Now, it's just an nuisance.
      My ComputersSystem Spec

  4. Posts : 1,270
    WinX Pro x64 IP current
       2 Weeks Ago #53

    I disagree - it is perfectly designed, and I'll warrant that a lot of other software could learn from this example.

    When you enable it, it is enabled across the board for all software, even stock Windows software. If you want to make an exception, you have to make it manually.

    It's way better than starting the software with a default set of exceptions, many of which most people will not use, and thus also provide a possible loophole for malicious software to exploit. You want XYZ program to access restricted folders, you have to explicitly allow it - Micro$oft is not going to make any assumption on what you might want to allow and might want to block.

    It's completely simple and effective in that way.
      My ComputersSystem Spec

  5. Posts : 2,132
    Windows 10 Pro x64 FCU - XP/Vista/Win7/Win8.1 in VM for testing
       2 Weeks Ago #54

    The other thing that some do not realise is that when you whitelist an executable you are whitelisting that application running from that specific location, so if you somehow end up with a rogue application with the same name as the one you have whitelisted, it will throw up an exception message and prevent the application from accessing the data. This assumes that your applications are located correctly in the Program Files or Program Files (x86), and owned by trustedinstaller, and thus cannot be replaced by any lesser process
      My ComputerSystem Spec

  6. Posts : 18,903
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       2 Weeks Ago #55

    Researcher Bypasses Windows Controlled Folder Access

    Ransomware can use Office OLE objects to bypass CFA
    Jesus says that a ransomware developer could easily bypass Microsoft CFA anti-ransomware feature by adding simple scripts that bypass CFA via OLE objects inside Office files.

    In research published over the weekend, Jesus includes three examples that utilize boobytrapped Office documents (received via spam email) to overwrite the content of other Office documents stored inside CFA folders; password-protect the same files; or copy-paste their content inside files located outside the CFA folder, encrypt those, and delete the originals.

    While the first example is just destructive, the last two will work as an actual ransom, with victims having to pay the ransomware author for the password/decryption code that unlocks the files.

    Jesus displeased with Microsoft
    Jesus said he notified Microsoft about the issue he discovered. In a screenshot of the email he received from Microsoft, Jesus said the OS maker didn't classify the issue as a security vulnerability but said it would improve CFA in future releases to address the reported bypass method.

    "That really means Microsoft will fix the vulnerability that should be classified as Mitigation bypass without acknowledgment," said Jesus, referring to the fact that he'll get no credit or bug bounty reward for the issue he pointed out.
    Researcher Bypasses Windows Controlled Folder Access Anti-Ransomware Protection
      My ComputersSystem Spec

Page 6 of 6 FirstFirst ... 456

Related Threads
How to Create a Windows Defender Settings shortcut in Windows 10 Windows Defender helps protect your PC against malware (malicious software) like viruses, spyware, and other potentially unwanted software. Malware can infect your PC without your...
Hi, I just build up a new pc and changed from W7 to new era of W10 :-) Was not that easy and pleasant experience as I thought. I have huge storage capability with this new pc but since I'm using very fast Intel 512Gb 600p M.2 SSD as C drive, I...
Hey all, I've been using the tutorials and tips here for a bit now, but I've run into a problem I can't seem to find anywhere. I use List view to help me sort music. However, my folders are spread across different drives, so I have to use a...
I upgraded my custom PC a while ago (a couple months) from Windows 7 Home to Windows 10 Home and when I go into Windows update to enable insider features but it's greyed out and at the top it says "Some settings are controlled by your operator" this...
Following instructions from a game manufacturer I changed the 'read only' settings for users / documents folder. Win 10 now disfunctions (instable, search unavailable, chrome closing incorrectly, etc). How should I proceed to restore the folder...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 07:33.
Find Us