
Windows 10's “Controlled Folder Access” Anti-Ransomware Feature Is Now Live - workerthread
https://www.bleepingcomputer.com/news/microsoft/windows-10s-controlled-folder-access-anti-ransomware-feature-is-now-live/
======
SpikeDad
This is fine and dandy except for the fact the vast majority of people that
get hit with such ransomware malware (i.e., low computer knowledge folks) a)
won't enable this feature because they don't understand it and b) malware will
simply evolve to socially engineer folks to turn it off.

If you can get someone to believe some random, Indian accented fellow calling
saying they're from Microsoft and would the person please give them full
remote access to the computer then it's child's play to get them to disable
any optional, controllable feature in order to allow malware to spread.

And since CFA only protect user files the malware can still infect and block
access to Windows and most people would then believe ALL their files were
locked down rather than just Windows system files.

I guess for enterprise folks that can deploy via AD this might offer a bit of
security although it's not clear if CFA can protect network files which of
course would be just a vulnerable to malware when the attacked user have
read/write privs in network directories.

