For all the programming and brainpower that goes into protecting systems today, anti-virus programs are always going to be desperately playing catch-up when it comes to zero-day attacks, I would like to create an access policy through Windows that looks something like this:
Name: Block access to *.doc except for winword and other allowed programs
Processes to include: * (all)
Exceptions: winword.exe, chrome.exe, adobe.exe, explorer.exe (there are more to include, this is just an example)
File/folder name to bloc: *.DOC
Actions to block" Write access to files, New files being created
With the above policy in place, an illegitimate ransomware virus executable, e.g. deathstar.exe, would be unable to write to the data files because the access policy would block their efforts to write to and encrypt the protected data files.
I would want to do this for all main file types, e.g. *.doc/docx, *.xls/xlsx, *.pdf etc.
With what tools can I put these rules into place on a given Windows XP / 8 / 10 PC and/or on a Windows 2008 / 2012 / 2016 server?