Windows 10 and 11 Add Built-in Ransomware Defenses for 2026 as Microsoft Urges Backups
Updated
Updated · Computerworld · May 29
Windows 10 and 11 Add Built-in Ransomware Defenses for 2026 as Microsoft Urges Backups
8 articles · Updated · Computerworld · May 29
Microsoft’s updated 2026 guidance centers on Controlled Folder Access, a built-in Windows 10 and 11 feature that blocks untrusted apps from changing protected files but is off by default.
Windows 11 25H2 and Windows 10 22H2 users can turn it on through Windows Security, then expand protection beyond default folders such as Documents, Desktop, Pictures and Videos.
The setup also lets users whitelist trusted apps that would otherwise be blocked; in Windows 11, OneDrive folders are automatically covered when the feature is enabled.
Microsoft pairs that with versioned cloud backups, rapid Windows and malware-definition updates, and disabling Office macros, which remain a common ransomware delivery route.
For organizations, the article points to patching all systems, disabling SMB1, using Group Policy or PowerShell to deploy Controlled Folder Access, and testing in audit mode before broad rollout.
As AI automates ransomware attacks to mere seconds, are manual user defenses like Controlled Folder Access becoming obsolete for corporate security?
With AI finding new exploits, why do old security gaps like unpatched protocols still cause today's biggest and most costly breaches?
If ransomware profits are declining, why are attacks reaching record highs and costing businesses billions more than ever before?