#1
WriteProtection
WriteProtection:
Will write-protect all files from a directory having specific extensions and selected additional files. I was wondering how effective this is... ??? According to ChatGPT: A Deny ACL can stop malware running under normal user privileges, but it will not reliably stop malware that gains Administrator or SYSTEM privileges. A Deny ACL can protect files from ransomware if it prevents the infected account from modifying those files, but it does not generally protect files that the infected account is already allowed to write to. So ChatGPT contradicts itself; so I'm wondering how effective this is, of course for files that are already protected, for different types of malware but especially for ransomware. Does ransomware have the ability to change ACL permissions for files, or is it not coded to do such a task?
#2
According to Google search:

Yes, ransomware actively uses the ability to change Access Control List (ACL) permissions. By modifying ACLs or taking ownership of files, ransomware can bypass security restrictions, remove access barriers, and prevent security tools from stopping the encryption process. Common techniques and tools ransomware actors use to abuse ACLs include:

- Resetting Permissions (icacls): Ransomware families (like Ryuk, WannaCry, and BlackByte) heavily use the native Windows command-line utility icacls (e.g., icacls . /grant Everyone:F /T /C /Q) to wipe out existing access-based restrictions on files and directories, allowing anyone full control.
- Taking Ownership (takeown): To modify permissions, a process sometimes needs to become the owner of the file. Ransomware tools like WastedLocker and BitPaymer invoke takeown.exe to seize file ownership before resetting the ACLs.
- Disabling Security Tools: Some variants modify the binary ACLs of antivirus and EDR executables to prevent security agents from running or scanning the malicious files.

https://superuser.com/questions/1686584/permission-settings-to-protect-shared-folders-from-ransomware-on-windows-10
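The Deny-ACE write protection asked about in #1, together with the ACL-reset behaviour #2 describes, as an added PowerShell example that is not code from either poster: it applies a Deny ACE for a chosen principal to files with selected extensions, and on every later run audits that the ACE is still present, so a file whose protection has been stripped or weakened (the effect of the icacls/takeown technique in #2) is reported instead of silently going unprotected. The root directory, extension list and principal name are placeholders I chose for illustration; the caveat from #1 still applies, since an Administrator or SYSTEM process can take ownership and rewrite the ACL.

```powershell
# Added example, not from either post in this thread.
# Write-protects files with selected extensions under a directory using an explicit Deny ACE,
# then audits that the ACE is still intact. Root, extensions and principal are placeholders.
# A Deny ACE only binds accounts that cannot change the ACL; elevated processes can undo it.

param(
    [string]   $Root       = 'C:\Protected',                # placeholder directory
    [string[]] $Extensions = @('.docx', '.xlsx', '.pdf'),   # placeholder extension list
    [string]   $Principal  = 'BUILTIN\Users',               # placeholder: principal the Deny ACE targets
    [switch]   $Apply                                       # without -Apply the script only audits
)

# Rights the Deny ACE covers: data/attribute writes, delete (needed to rename or remove a file),
# and the two rights a process would need in order to undo the protection itself.
$DeniedRights = [System.Security.AccessControl.FileSystemRights]::Write -bor
                [System.Security.AccessControl.FileSystemRights]::Delete -bor
                [System.Security.AccessControl.FileSystemRights]::ChangePermissions -bor
                [System.Security.AccessControl.FileSystemRights]::TakeOwnership

# Files the protection is meant to cover: matching extensions anywhere below $Root.
function Get-ProtectedFiles {
    Get-ChildItem -LiteralPath $Root -Recurse -File |
        Where-Object { $Extensions -contains $_.Extension.ToLowerInvariant() }
}

# True when the ACL carries an explicit (non-inherited) Deny ACE for $Principal
# that still covers every bit of $DeniedRights.
function Test-WriteProtectAce {
    param([System.Security.AccessControl.FileSecurity] $Acl)
    foreach ($ace in $Acl.Access) {
        if ($ace.AccessControlType -eq [System.Security.AccessControl.AccessControlType]::Deny -and
            -not $ace.IsInherited -and
            $ace.IdentityReference.Value -ieq $Principal -and
            (($ace.FileSystemRights -band $DeniedRights) -eq $DeniedRights)) {
            return $true
        }
    }
    return $false
}

# Adds the Deny ACE to one file. Deny entries are evaluated before Allow entries,
# so this blocks writes even where $Principal otherwise has Modify.
function Add-WriteProtectAce {
    param([string] $Path)
    $acl  = Get-Acl -LiteralPath $Path
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $Principal, $DeniedRights,
        [System.Security.AccessControl.InheritanceFlags]::None,
        [System.Security.AccessControl.PropagationFlags]::None,
        [System.Security.AccessControl.AccessControlType]::Deny)
    $acl.AddAccessRule($rule)
    Set-Acl -LiteralPath $Path -AclObject $acl
}

$files = Get-ProtectedFiles
if ($Apply) {
    foreach ($f in $files) { Add-WriteProtectAce -Path $f.FullName }
}

# Audit pass: every protected file should still carry the Deny ACE. Owner is reported for
# context, because taking ownership usually precedes a permission reset.
$findings = foreach ($f in $files) {
    $acl = Get-Acl -LiteralPath $f.FullName
    if (-not (Test-WriteProtectAce -Acl $acl)) {
        [pscustomobject]@{
            Path  = $f.FullName
            Owner = $acl.Owner
            Issue = 'Deny ACE missing or weakened'
        }
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize
} else {
    "All $($files.Count) protected files still carry the Deny ACE."
}
```

Run it once with `-Apply` from an account allowed to change permissions on the tree, then on a schedule without `-Apply`; any finding means the ACL was changed by something that had the rights to do so, which is exactly the elevated case the posts say a Deny ACE cannot stop, so the finding is a signal to investigate rather than a protection in itself.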