Next big win10 update is coming in a few months and is bringing "controlled folders" feature:
https://www.theverge.com/2017/6/29/15892658/microsoft-windows-10-controlled-folders-feature
What's that for you might ask. Basically, all folders Microsoft is pushing to contain user data (download, documents, desktop, etc) will disallow (over)writing files for any application that is not blessed either by Microsoft or by you. You'll be able to add additional folders to the list of protected folders, but default list is fixed and cannot be changed.
In case you're asking wtf is this, the answer is
ransomware. There will always be a security hole somewhere, so Microsoft is trying to prevent the breach aftereffect where some user now needs to pay to access their data or say goodbye to all of it.
If you ask me, this is an almost bullshit move.
The same enduser who after so many warnings still opens e-mail attachments from suspicious addresses will now on allow access question for some executable automatically click on "yes" without thinking. The only thing that's changed is now Microsoft can definetly blame it on the user instead of taking hits on their swiss cheese security holes spyware OS. Not an utter bullshit as it'll help some percentage of users who share the same machine with others as now they can disallow applications' potential rampage before nonparanoic user instaclicks "yes".
But the only real prevention is backup. And HDD space is cheap on PC, we've already switched or are switching to SSD. Internal HDDs are slowly starting to collect dust. Why Microsoft just can't automatically backup previous version(s) of a changed user file in some folder accessible only by OS in case of a restore need I just can't understand.
Microsoft's heads are on phones and consoles for years now. Where only outdated checkpoints design exists because of not enough space to save worldstate in games.
Till they return to PC and turn useless space on ancient HDDs into automated backups, I suggest everyone to still make backups manually.