If you mistakenly choose Windows Defender Settings, select again the Open Windows Security Center to open the dialog box to find.
Enable ransomware Controlled Folder Access on Windows 10 Picture 2
Choose again to open the Security Center
Step 2:
At the opened window, select Virus & Threat Protection > Virus & Threat Protection Settings.
Enable ransomware Controlled Folder Access on Windows 10 Picture 3
Set up virus protection and threats
Step 3:
Go to the Controlled Folder Access section in this section and drag the On / Off slider to turn it on.
Enable ransomware Controlled Folder Access on Windows 10 Picture 4
Drag the slider to turn it on
Step 4:
In the Protected Folders section , select the additional folders you want to protect. There are already several directories here.
Enable ransomware Controlled Folder Access on Windows 10 Picture 5
Add folder to protect
Step 5:
In the Allow an app through Controlled folder access section , you choose to whitelist applications that are allowed to access, edit, create or delete files in protected folders.
Enable ransomware Controlled Folder Access on Windows 10 Picture 6
Put the application to whitelist to give access
See also: 6 remarkable security features on Windows 10 Fall Creators Update
In addition to the above, there are 2 other ways to enable Controlled Folder Access. The easiest way is to run the PowerShell command.
Set-MpPreference -EnableControlledFolderAccess Enabled
To turn it off, just run the same command but replace it with 'Disabled'.
In addition, system administrators in large organizations can also use Group Policy Management Console to enable this feature for users across the network.
Enable ransomware Controlled Folder Access on Windows 10 Picture 7
Management for the entire system through the Group Policy Management Console
You can use Group Policy to select the accessed applications and protected folders for each computer in the domain.
Enable ransomware Controlled Folder Access on Windows 10 Picture 8
Enable ransomware Controlled Folder Access on Windows 10 Picture 9
Select the directory and application for the computer in the system
When any unauthenticated software tries to edit the file in these folders, the user will receive a warning in the Windows Notification bar . Windows Defender also recorded in event history.
Enable ransomware Controlled Folder Access on Windows 10 Picture 10
Warning when software tries to access the protected folder
Note that for Controlled Folder Access to work, you must turn on real-time protection in Windows Defender.
In testing with variants of Asasin malware Locky, x1881 CryptoMix, Comrade HiddenTear and Wyvern BTCWare, Controlled Folder Access did its job well, blocking these ransomware from encrypting files in the protected folder. Other folders are still encrypted as usual.
Enable ransomware Controlled Folder Access on Windows 10 Picture 11
Unprotected folders are still encrypted by ransomware
Another side effect is that when executable files of whitelisted folders edit files in a protected folder, Controlled Folder Access blocks this and does not display a message indicating.