Ransomware protection's limited user interface means it takes ages to add each file individually, and this seems like a poor security choice: a smart attacker might entitle their malware git.exe to trick me into allowing access. A windows search of my user directory eventually turns up a number of copies of git.exe, and it's not immediately clear which of these was trying to edit the files. I've added the canonical versions of git.exe and syncthing.exe within C:/Program Files to the Allowed App list, but I now receive messages telling me that windows has blocked attempts to access files in protected folders by C:/Users/./git.exe and C:/Users/./syncthing.exe.Īnnoyingly, the ellipsis hides most of the path to the executable file. Some of these folders are under Git version control (via Github Desktop), or synchronised using Syncthing (via SyncTrayzor). I recently enabled the Ransomware protection functionality in Windows Defender, adding a series of folders to the Controlled Folder Access list. In short: Is it possible to list programs that Windows has denied access to a protected folder?
0 Comments
Leave a Reply. |