23 Oct 2017

With the release of Windows 10 Fall Creators Update last week, the “Controlled Folder Access” that Microsoft touted in June is now live for millions of users.

As the name hints, the Controlled Folder Access feature allows users to control who can access certain folders.

The feature works on a “block everything by default” philosophy, which means that on a theoretical level, it would be able to prevent ransomware when it tries to access and encrypt files stored in those folders.

The benefits of using Controlled Folder Access for your home and work computers are tangible for anyone that’s fearful of losing crucial files to a ransomware infection.

If you want to give Controlled Folder Access a go, below are the basic steps to enable it on your PC.

Step 1

Press the Start button and type “Windows Defender Security Center.” Select the option when visible. The following window should appear.

There’s a high chance you might select the wrong option and end up in the Windows Defender Settings section. In this case, just press the obvious “Open Windows Defender Security Center” button that appears at the top of the window.

Step 2

In the “Windows Defender Security Center” select the second option in the side menu named “Virus & threat protection” and then select the “Virus & threat protection settings” option from the main window.

Step 3

Scroll down on this page and locate the “Controlled folder access” section. To enable the feature, just click the On/Off toggle.

Step 4

First thing first, select the “Protected folders” sub-option and add all the folders you want to restrict access to.

Step 5

Now it’s time to select the second option named “Allow an app through Controlled folder access.” This option will whitelist the apps that are allowed to access, edit, create or remove files from protected folders.

Admins can enable Controlled folder access via the Windows Defender Security Center, Group Policy, PowerShell, or via a mobile device management configuration service provider. They can also manage which folders are protected and which apps are whitelisted through these tools.

Microsoft automatically allows a set of apps it considers trustworthy to access files protected by Controlled folder access. Admins can use Windows Defender Security Center app or Group Policy to add and remove apps that can access these files.

In the enterprise, Controlled folder access is one of four components of the Fall Creators Update’s Windows Defender Exploit Guard, along with Attack Surface Reduction (ASR), Network protection, and the EMET-based Exploit Protection.

ASR requires enabling Windows Defender antivirus and can prevent common techniques used in malware, by blocking hidden macro code and stopping Office apps from creating executable content.

IT Security Professional – Security Researcher & Consultant for the Government, Enthusiast, Malware Analyst, Penetration Tester.

Leave your thought

This site uses Akismet to reduce spam. Learn how your comment data is processed.