Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Enable ransomware Controlled Folder Access on Windows 10
Since updating Windows 10 Fall Creators Update, the protection feature of the Controlled Folder Access folder that Microsoft introduced since June has officially reached millions of users.
As its name suggests, this feature allows users to control access to certain directories. With the philosophy of 'blocking everything', it can theoretically block ransomware when trying to access and encrypt files inside.
- Theory - What is Ransomware?
Anti Ransomware with Controlled Folder Access Windows 10
Step 1:
Click the Start button and type Windows Defender Security Center and click. The following window will appear.
Enable ransomware Controlled Folder Access on Windows 10 Picture 1
Windows Defender Security Center window
If you mistakenly choose Windows Defender Settings, select again the Open Windows Security Center to open the dialog box to find.
Enable ransomware Controlled Folder Access on Windows 10 Picture 2
Choose again to open the Security Center
Step 2:
At the opened window, select Virus & Threat Protection > Virus & Threat Protection Settings.
Enable ransomware Controlled Folder Access on Windows 10 Picture 3
Set up virus protection and threats
Step 3:
Go to the Controlled Folder Access section in this section and drag the On / Off slider to turn it on.
Enable ransomware Controlled Folder Access on Windows 10 Picture 4
Drag the slider to turn it on
Step 4:
In the Protected Folders section , select the additional folders you want to protect. There are already several directories here.
Enable ransomware Controlled Folder Access on Windows 10 Picture 5
Add folder to protect
Step 5:
In the Allow an app through Controlled folder access section , you choose to whitelist applications that are allowed to access, edit, create or delete files in protected folders.
Enable ransomware Controlled Folder Access on Windows 10 Picture 6
Put the application to whitelist to give access
See also: 6 remarkable security features on Windows 10 Fall Creators Update
Another way to enable Controlled Folder Access
In addition to the above, there are 2 other ways to enable Controlled Folder Access. The easiest way is to run the PowerShell command.
Set-MpPreference -EnableControlledFolderAccess Enabled
To turn it off, just run the same command but replace it with 'Disabled'.
In addition, system administrators in large organizations can also use Group Policy Management Console to enable this feature for users across the network.
- Step 1: On the Group Policy management machine , open the Group Policy Management Console, right-click on the Group Policy Object you want to select and click Edit.
- Step 2: At Group Policy Management Editor, select Computer Configuration.
- Step 3: Click Policies > Administrative Templates.
- Step 4: Expand Windows Components > Windows Defender Antivirus > Windows Defender Exploit Guard > Controlled Folder Access.
Enable ransomware Controlled Folder Access on Windows 10 Picture 7
Management for the entire system through the Group Policy Management Console
- Step 5: Double-click the Configure Controlled acces folder and select Enabled.
You can use Group Policy to select the accessed applications and protected folders for each computer in the domain.
Enable ransomware Controlled Folder Access on Windows 10 Picture 8 
Enable ransomware Controlled Folder Access on Windows 10 Picture 9
Select the directory and application for the computer in the system
When any unauthenticated software tries to edit the file in these folders, the user will receive a warning in the Windows Notification bar . Windows Defender also recorded in event history.
Enable ransomware Controlled Folder Access on Windows 10 Picture 10
Warning when software tries to access the protected folder
Note that for Controlled Folder Access to work, you must turn on real-time protection in Windows Defender.
Test using Controlled Folder Access to block ransomware
In testing with variants of Asasin malware Locky, x1881 CryptoMix, Comrade HiddenTear and Wyvern BTCWare, Controlled Folder Access did its job well, blocking these ransomware from encrypting files in the protected folder. Other folders are still encrypted as usual.
Enable ransomware Controlled Folder Access on Windows 10 Picture 11
Unprotected folders are still encrypted by ransomware
Another side effect is that when executable files of whitelisted folders edit files in a protected folder, Controlled Folder Access blocks this and does not display a message indicating.
Jessica TannerYou should read it
- 7 kinds of ransomware you didn't expect
- How to use Kaspersky Anti-Ransomware Tool for Business
- List of the 3 most dangerous and scary Ransomware viruses
- Windows 10 brings many security tools in the new update
- Summary of effective Anti-Ransomware software
- How to enable Ransomware Protection on Windows
- [Infographic] 7 effective ways to protect businesses from Ransomware
- Theory - Ransomware part 2
- Windows SMB users should close some ports to prevent WannaCry
- Theory - What is Ransomware?
- How to remove Moba ransomware from the operating system
- What is Ransomware Task Force (RTF)?
Maybe you are interested
Windows 10
How to recover 30 GB of storage after Windows 10 Fall Creators Update- How to reset Windows 10 Fall Creators Update
- How to change screen lock timeout in Windows 10
- Browser tips are useful on Windows 10 Fall Creators Update
- Instructions for using File History to backup and restore data
- How to set Windows Updates download bandwidth limit in Windows 10
How to recover 30 GB of storage after Windows 10 Fall Creators Update
How to reset Windows 10 Fall Creators Update
How to change screen lock timeout in Windows 10
Browser tips are useful on Windows 10 Fall Creators Update
Instructions for using File History to backup and restore data
How to set Windows Updates download bandwidth limit in Windows 10