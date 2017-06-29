Please create an account to participate in the Slashdot moderation system

 


Microsoft is making some interesting security-related changes to Windows 10 with the next Fall Creators Update, expected to debut in September. From a report: Windows 10 testers can now access a preview of the changes that include a new controlled folder access feature. It's designed to only allow specific apps to access and read / write to a folder. If enabled, the default list prevents apps from accessing the desktop, pictures, movies, and documents folders. "Controlled folder access monitors the changes that apps make to files in certain protected folders," explains Dona Sarkar, head of Microsoft's Windows Insiders program. "If an app attempts to make a change to these files, and the app is blacklisted by the feature, you'll get a notification about the attempt."

  • It should prove quite useful, especially for backups. Currently even doing a backup every day I am risking that malware will become active during the process and encrypt backups on connected external disk along with everything else. With this feature I can specify that only backup program can have access to the external drive.

  • SMB / MSI / psexec are not "Apps"... (Score:1)

    by Anonymous Coward

    But the recent malware attacks weren't simply malicious trojaned apps changing each other's files. It was spread by compromising / using system services that are meant to be used to access a broad array of files. I don't see how changing the permissions model to block inter-app accesses will fix this...

  • So it'd be enough for ransomware to impersonate those specific apps or just get into the party list. Shouldn't it?

    • It's just one more slap-dash fix in a creaky operating system riddled with legacy APIs that are now being easily strangled with NSA-ware. Adding strict user space is what made XP SP2 somewhat tenable, but this is just one more embarrassing and glaring hole, and IMHO, a great reason to take a serious look at devops and agile as software development models. Windows 10 isn't new; it's the lipstick on a pig made from thousands and thousands of attempts to get it right.

      I'm just entirely shocked that Microsoft's

  • Maybe I am wrong, but it looks like Office has been an attack vector.
    Will it be in the party list of "allowed apps"?

  • My 3 remaining Windows computers from Window 10! By keeping them on Window 7 Pro ;)

  • will be used to block steam unless you buy windows 10 pro gamer

  • Great, so... (Score:3)

    by Smidge204 ( 605297 ) on Thursday June 29, 2017 @01:54PM (#54713903) Journal

    ..the next generation of Ransomware will exploit a vulnerability in this new service to prevent YOU from accessing these folders and files.

    How very convenient!
    =Smidge=

