Microsoft has been closely watching this new ransomware epidemic and added new features to the second major update of Windows 10 which is called the "Creators Update" — Windows 10 CU for short — which has been rolling out since a few weeks.
Presenting new anti-ransomware protection features added in Windows 10 CU, Robert Lefferts, Director of Program Management, Windows Enterprise and Security, said that no Windows 10 customer was affected by the recent WannaCry ransomware outbreak that took place in mid-May and that no (currently) known ransomware strain can infect Windows 10.
CU is a massive improvement for security
The new Windows 10 CU security features include the following, part from non-security related additions, such as a 3D version of MS Paint.
Click-to-run for Adobe Flash, in Edge — prevents ransomware and other malware from landing on Windows 10 PCs via exploits kits and drive-by downloads.
Windows Defender instant cloud protection — According to Microsoft, starting with CU, Windows Defender AV can suspend a suspicious file from running and sync with the cloud protection service to further inspect the file.
Rapid remediation mechanism (at detection) — Microsoft says it has made great strides to "remediate ransomware infection and limit ransomware activity from minutes to seconds, reducing its damage from hundreds of encrypted files to a few."
Wow64 compatibility scanning — In CU, Windows Defender AV added a process-scanning feature that uses the Wow64 compatibility layer, enabling it to better inspect system interactions of 32-bit applications running on 64-bit operating systems.
Visual process tree — in the commercial version of Windows Defender, feature of the Windows Defender ATP.
Artifact searching capabilities - added to Windows Defender ATP
Machine isolation and quarantine - added to Windows Defender ATP
Windows Edge browser — improved protection against remote code execution
The CU update stands for its incremental tweaks and behind-the-scenes improvements to important components, such as security as well as updates and privacy.
The update is available to MSDN/TechNet subscribers running the Enterprise, Education, and IoT core edition. Organizations that have the license via Volume License Service Center have been able to update since May 1.
Microsoft has a 14-page PDF with all these features detailed and even illustrated. You can download that PDF here. It is obvious that they are adding all of these features only to the most recent version, giving you an incentive to accelerate your Workstation upgrades to the latest revision. Since ransomware can really hit a company hard financially, it may be worth looking at seriously.
In a company, it is important to hire a professional IT support company who can monitor, maintain, implement, and support the computer systems. These services undoubtedly save money by preventing downtime caused by various infections and external threats.
Let's not forget, the first line of defense is the human operating the computer system. It is very important to monitor and proactively protect the computer systems and networks - as well as educate the users of handling suspicious files and links. It just takes some basic knowledge + common sense.
Click here for a complete list of features in the new Windows 10 CU.
