A new type of ransomware named Bad Rabbit has emerged and is currently spreading across Europe. In light of this, it’s understandable that users would want to take efforts to protect themselves from being infected (as let’s face it, a machine compromised with ransomware will need to be formatted and re-installed).
Windows 10 users have the option of enabling a hidden security feature which prevents ‘unfriendly’ applications (and most known strains of ransomware) from modifying files within protected folders and I will show you how to enable it.
In case you aren’t aware, ransomware is a strain of malware that encrypts system files as well as your personal files and ‘holds them ransom’ by demanding payment for decryption. Needless to say, should you be foolish/desperate enough to actually pay the money there’s absolutely no guarantee that you will receive the decryption key.
By enabling Controlled Folder Access, the malware will be blocked from making changes within known locations, it’s a nifty feature that is turned off by default but can easily be enabled.
Ensure Windows 10 is updated with the latest Fall Creators update (1709).
Ensure Windows Defender Security Center real-time protection is enabled – unfortunately, the Controlled Folder Access feature does not work with 3rd Party virus protection.
Open Windows Defender Security Center and scroll down to Controlled Folder Access, and toggle to switch to on:
You can also add your own folders to the list by selecting Protected Folders > Add a protected folder:
And finally, should you need to white-list a flagged app you can select Allow an app through Controlled folder Access > Add an allowed app:
Should you decide that the Controlled Folder Access feature is not for you, you can easily toggle the option back to off.