Petya Ransomware
Petya Ransomware

Windows 10 Ransomware Protection GPO

Virus and threat protection

Section Virus and threat protection contain information and settings to protect your computer from viruses and other AV products.

This section contains settings and information for ransomware protection in Windows 10 version 1803. You can also find settings for Controlled Folder Access to prevent unknown programs from altering files in protected folders. Additionally, the Microsoft OneDrive configuration is available to help you recover after a ransomware attack. In the event of a ransomware infection, this area notifies users and gives recovery instructions.

These articles can be used by IT professionals and IT administrators to get more configuration information.

  • Microsoft Defender Antivirus for Windows Security App
  • Microsoft Defender Antivirus documentation library
  • Protect your important folders with Controlled Folder Access
  • Protect yourself against cybercrime by using new Office 365 capabilities
  • Microsoft Defender for Office 365
  • Ransomware detection, recovery of your files

The Virus and threat protection section can be hidden from the user. This is useful if employees don’t wish to have access to these options.

Hide the virus & threat protection section

Group Policy can be used to hide the entire section. This section will not be displayed on the Windows Security app’s home page, nor will its icon appear in the navigation bar at the side.

This is only possible in Group Policy.

Important

Requirements

Windows 10 version 1709 or higher is required. These Group Policy settings are not included in the ADMX/ADML templates files for Windows versions before Windows 10.

  1. Open the Group Policy Management Console on your Group Policy management computer. Right-click the Group Policies Object that you wish to configure, and then click Edit.
  2. Go to Computer configuration then click Administrative Templates.
  3. Expand the tree to Windows parts > Windows Security > Virus protection.
  4. Set Enabled to open the Hide Virus and Threat Protection Area settings. Click OK.
  5. Activate the GPO update as you would normally.

Notification

You can hide any sections to show a restricted interface. As shown in the following screenshot.

img alt=”Windows Security App with all sections hidden due to Group Policy.” data-linktype=”relative-path” src=”https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-security-center/images/wdsc-all-hide.png”/>

Hide the Ransomware protection zone

Group Policy can be used to hide the Ransomware Protection area. This area will not be visible in the Virus and threat protection section.

This is only possible in Group Policy.

Important

Requirements

Windows 10 version 1709 or higher is required. These Group Policy settings are not included in the ADMX/ADML templates files for Windows versions before Windows 10.

  1. Open the Group Policy Management Console on your Group Policy management computer. Right-click the Group Policies Object that you wish to configure, and then click Edit.
  2. Go to Group policy management editor and click Administrative Templates.
  3. Expand the tree to Windows parts > Windows Security > Virus protection.
  4. Set Enabled to the Hide Ransomware Data Recovery Area setting. Click OK.
  5. Activate the GPO update as you would normally.