Concerns with EFS in Windows (yes this is a defender question)

%3CLINGO-SUB%20id%3D%22lingo-sub-1952711%22%20slang%3D%22en-US%22%3EConcerns%20with%20EFS%20in%20Windows%20(yes%20this%20is%20a%20defender%20question)%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1952711%22%20slang%3D%22en-US%22%3E%3CP%3ECurrently%20in%20our%20environment%2C%20we%20have%20EFS%20disabled%20to%20help%20reduce%20the%20risk%20of%20ransomware.%26nbsp%3B%20We%20have%20come%20across%20an%20app%20(3d%20viewer)%20that%20requires%20EFS%20not%20to%20be%20disabled%20and%20we%20do%20have%20a%20business%20need%20for%20the%20application.%3C%2FP%3E%3CP%3EThere%20are%20several%20companies%20that%20have%20mentioned%20the%20risk%20of%20EFS%20and%20ransomware%20and%20they%20have%20released%20fixes%20to%20reduce%20this%20risk.%26nbsp%3B%20Does%20defender%20protect%20against%20this%20type%20of%20risk%3F%26nbsp%3B%20Here%20is%20an%20example%20of%20the%20risk%3A%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fsupport.sophos.com%2Fsupport%2Fs%2Farticle%2FKB-000039232%3Flanguage%3Den_US%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3EWindows%20Encrypting%20File%20System%20Ransomware%20Research%20(sophos.com)%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

Currently in our environment, we have EFS disabled to help reduce the risk of ransomware.  We have come across an app (3d viewer) that requires EFS not to be disabled and we do have a business need for the application.

There are several companies that have mentioned the risk of EFS and ransomware and they have released fixes to reduce this risk.  Does defender protect against this type of risk?  Here is an example of the risk:
Windows Encrypting File System Ransomware Research (sophos.com)

 

 

0 Replies