Windows Defender can block Petya & GoldenEye Ransomware on Windows 10

by Madalina Dinita
Madalina Dinita
Madalina Dinita
Windows & Software Expert
Madalina has been a Windows fan ever since she got her hands on her first Windows XP computer. She is interested in all things technology, especially emerging technologies... read more
Affiliate Disclosure

A new wave of ransomware attacks starring Petya and GoldenEye Ransomware has affected thousands of computers worldwide. This attack comes only one month after the massive WannaCry attack.

Unfortunately, this time the creators of Petya and GoldenEye didn’t make the same mistake that WannaCry’s creators had done. The new ransomware features stronger encryption and a worm-like behavior. For this reason, many security specialists labelled Petya and GoldenEye as cyberattacks, rather than ransomware attempts.

Irrespective of the goal behind the recent ransomware wave, one thing is sure: victims cannot recover their files even if they pay the ransom. In other words, if your computer gets infected, avoid paying the ransom by all means. And most importantly, avoid getting infected in the first place.

READ ALSO: Prevent future ransomware attacks with this free tool

Windows Defender blocks Petya & GoldenEye Ransomware

If you want to keep your computer safe from Petya and GoldenEye, make sure that you’ve installed the latest definition updates for Windows Defender.

Windows Defender Advanced Threat Protection is perfectly capable of fully protecting your computer against Petya and GoldenEye attacks, keeping your files safe.

Microsoft explains that:

Windows Defender Advanced Threat Protection is a post-breach solution and offers by-design detections for this attack without need of any signature updates. Windows Defender ATP sensors constantly monitor and collect telemetry from the endpoints and offers machine-learning detections for common lateral movement techniques and tools used by this ransomware, including, for example, the execution of PsExec.exe with different filename, and the creation of the perfc.dat file in remote shares (UNC) paths.

To make sure that you’re running the latest Windows Defender version, you should force updates daily. Updating once a day gives you a good level of protection. At the same time, the antivirus won’t interfere with how you use your PC because you already run the latest definition updates.

Additional ways to protect your PC from ransomware

  • Upgrade to Windows 10 Creators Update: This OS version adds a series of extra-security layers against ransomware attacks. More specifically, Windows Defender uses cloud-based machine learning, deep neural networks, and other advanced automation technologies to verify suspicious files, and block threats instantly.
  • Use Windows 10 S: As a quick reminder, Windows 10 S only run apps from the Windows Store, further protecting users from ransomware.
  • Install the Windows security updates from March: Microsoft rolled out a series of important security updates in March, targeted specifically at protecting users against malware attacks. If you haven’t installed the respective updates yet, do so as soon as possible.
  • If you can’t install the March security updates right now, disable SMBv1 and add a rule on your router or firewall to block incoming SMB traffic on port 445.

As you can see, installing the latest Windows updates is essential to keeping your computer safe from ransomware attacks. If you haven’t checked for updates in quite a while, go to Settings > Update & Security > hit the ‘Check for updates’ button.


Still having issues? Fix them with this tool:


If the advices above haven't solved your issue, your PC may experience deeper Windows problems. We recommend downloading this PC Repair tool (rated Great on to easily address them. After installation, simply click the Start Scan button and then press on Repair All.

This article covers:Topics: