Researcher Bypasses Windows Controlled Folder Access[source: bleepingcomputer]
by CIRT Team
A security researcher has found a way to bypass the “Controlled Folder Access” feature added in Windows 10 in October 2017, which Microsoft has touted as a reliable anti-ransomware defensive measure.
This feature, described in more depth in this Bleeping Computer review, is part of the Windows Defender antivirus built into all versions of Windows 10.
Users who updated to the Windows 10 Fall Creators Update received an update for Windows Defender named Controlled Folder Access (CFA) that allows them to block any modifications to files found in user-designated directories.
The user must manually approve any app that’s allowed to edit files located in CFA folders by adding each app’s executable to a whitelist managed through the “Allow an app through Controlled folder access” option.
For more, click here.