Table of Contents
In this article we will show you how to Enable Controlled Folder Access in Windows 11/10. Malware and ransomware have become a lot smarter in the past few years. They use user files and data as hostages to get what they want. Microsoft came up with a clever way to protect user data from these kinds of attacks to solve this problem. The controlled folder access feature was made to keep ransomware and other types of malware from getting into user files and data.
“Controlled folder access” is an intrusion-prevention feature of Windows 11/10 that can be found in Microsoft Defender Exploit Guard, which is part of Microsoft Defender Antivirus. Its main goal is to stop ransomware from encrypting your files and holding them for ransom. It also stops other malicious programs from making unwanted changes to your files. On Windows, you can choose whether or not to use anti-ransomware. If you want to know more information about this Visit Official Microsoft Support site.
When it is turned on, it uses a way to keep track of apps that try to change files in protected folders. If the app is malicious or not known, the feature will block the attempt in real time and let you know about it. On Microsoft desktop platforms, the Windows Security antivirus app has a feature called “controlled folder access.” This feature stops ransomware by keeping files in protected folders from being changed. When you turn on controlled folder access, malware and other apps that you don’t trust won’t be able to change files in protected directories. Here ate the steps to show you how to Disable Controlled Folder Access.
Use Windows Powershell
- Press the Windows key + S to open the file search tool.
- Type PowerShell into the search tool that has been turned on.
- Select Run as administrator to start PowerShell in administrator mode.
- Type the following command and hit Enter to allow controlled folder access:
- Set-MpPreference -EnableControlledFolderAccess Enabled
- Type the following command to turn off controlled folder access:
- Set-MpPreference -EnableControlledFolderAccess Disabled
Remove Controlled Folder Access
- Start up the Registry Editor.
- Go to the following location of a registry key: HKEY_CLASSES_ROOT\DesktopBackground\Shell\ControlledFolderAccess
- Right-click on the key that says “Controlled Folder Access“.
- Click “Delete” and then “Yes” to get rid of the key.
Use the Group Policy Editor
The Microsoft Windows Group Policy Editor (gpedit.msc) is a program that lets administrators change how the operating system and its programs are set up. It gives an organization or group of computers a way to control and enforce settings like security policies and user preferences from one place.
The Group Policy Editor comes with Windows Pro, Windows Enterprise, and Windows Server, as well as Windows Server. Some versions of Windows, like Windows Home, don’t have it.
- Type gpedit.msc into the search box in Windows.
- Group Policy Editor
- Go to Computer Setup > Administrative Templates
- If you double-click Windows Components, it will get bigger.
- Click the arrows to show more of Microsoft Defender Antivirus and Microsoft Defender Exploit Guard.
- To see its policy settings, click on Controlled Folder Access.
- If you double-click “Configure Controlled folder access,” its settings window will open.
- Choose the radio button “Enabled.”
- Choose Block from the drop-down menu to turn on the strictest mode.
- In the Configure Controlled folder access window, click the Apply button.
- Click the OK button.
Use Windows Security
- Double-click the Windows Security app shield icon in the system tray to see it.
- Choose the tab for virus and threat protection.
- Click Manage ransomware protection to get to the setting for Controlled folder access.
- Turn on the Controlled folder access option to make it work.
- Click the Protected folder button to see a list of the user directories that are protected.
- Click Add protected folder, choose a directory, and then click Select Folder to add it to the list.
Use the Notepad
- Open Notepad.
- Copy the script text below:
- Copy the script and press Ctrl + V to paste it into Notepad.
- Press Ctrl + Shift + S to save the script as a registry file.
- Set Save as type for all files.
- Identify the file Control folder access.reg must be turned on.
- Put the file on your desktop.
- Close Notepad.
- Double-click the Turn on Control folder access.reg file on your desktop.
- Choose Yes to confirm that you trust the script.
What is Controlled Folder Access in Windows?
Controlled Folder Access is a security feature that Microsoft made to protect user data and the computer where the data is stored. By turning on this feature, malware and ransomware won’t be able to hold the data hostage and use it for bad purposes. It is a new feature of Windows Defender, which is now called Windows Security on Windows 10 and Windows 11 devices. It stops malware from using your data and stops malicious apps from making changes to your files that you don’t want.
Even though it is a feature that works once it is turned on, it already protects some system folders by default, such as c:usersusername>documents, etc. Once controlled folder access is set up and turned on, only trusted apps can access protected folders. It keeps track of apps and what they do and blocks any attempts from apps that aren’t on its list of trusted apps. Windows server 2019, 2022, 10, and 11 all support the feature.