Microsoft Corp. is attempting to take up the good fight against ransomware with the latest Windows update, including a trial of a new anti-ransomware feature within Windows Defender.

Windows Build 16232, which was released as part of the Windows 10 Fall Creators Update, includes a feature within Windows Defender Antivirus that allows users designate specific folders or directories on their computers that applications can’t access. Called Controlled Folder Access, the new feature is specifically designed to thwart ransomware attempting to hijack and encrypt user files.

“Controlled folder access monitors the changes that apps make to files in certain protected folders,” Microsoft software engineer Dona Sarkar said in a blog post. “If an app attempts to make a change to these files, and the app is blacklisted by the feature, you’ll get a notification about the attempt. You can complement the protected folders with additional locations, and add the apps that you want to allow access to those folders.”

The new feature requires users to manually turn it on, but then Controlled Folder Access protects the Documents, Pictures, Movies and Desktop folders by default. Users can’t opt out of protecting those folders without turning the feature off altogether. Certain application are automatically whitelisted from the feature, although exactly what applications those are was not specified.

In addition to the new ransomware-fighting feature, the new build of Windows also adds a number of other features to Windows Defender, including improvements to Windows Defender Application Guard and improved exploit protection.

Application Guard has been upgraded to cover favorites, cookies and saved passwords that persist across Application Guard sessions. The persisted data isn’t shared or surfaced on the host but will be available for future Microsoft Edge in Application Guard sessions, according to the company. The improved exploit feature now allows users to audit, configure and manage Windows system and application exploit mitigation settings from the Windows Defender Security Center.

Windows Build 16232 is not available as an update to the average user, just for those who subscribe to the Windows Insider service for non-public beta Windows testing releases.

Image: dcmot/Flickr