Controlled Folder Access Windows 10 feature against ransomware
Ransomware is a real pain for both large businesses and individuals, since it has lately become the most popular way to encrypt end-user information and then anonymously squeeze money for returning everything back.
In some of our previous articles, we wrote about the most popular ways to avoid being infected by ransomware. Now Microsoft added their own brick to the wall of protection against unwanted encryption software.
Windows did not have any response to ransomware threats for a long time until now, but finally, with Windows 10 Fall Creators update, they introduced a feature called Controlled Folder Access
This feature is a part of the inbuilt Windows Defender suite, so unlike other third party protection software, it is free for Windows 10 users.
So what does it do? It restricts untrusted applications from making changes in the defined folders, meaning that if some app, that is not in the list of trusted by you or by Microsoft, tries to make changes, it will not be able to do that. The feature is turned off by default, so in order to add it up to you antiransomware protection you will need to turn it on. Please follow the instructions below to activate Controlled Folder Access feature in your Windows 10 (but first, make sure you have the Fall Creators update installed).
At first, navigate to Windows Defender Security Center, by clicking on the “Shield” icon at the bottom right of the screen or by finding it in the Start menu search.
When opened, as on the screen above, please click “Virus & Threat protection”.
This will open the screen with protection statistics and details. Click “Virus & threat protection settings” then.
Almost there. Now scroll down till you see the section with “Controlled folder access” and turn it on.
Once turned on, Windows will start monitoring the selected folders and notify you if suspicious behaviour has been detected. Windows has already included some default folders like “Documents”, “Pictures”, “Desktop” etc. to the pool, but do not forget to add your other folders to the protection list. To do this, just click “Protected folders” link in the same section, then click “+” and start adding.
If you have Google Drive app or any other similar cloud software, integrated into Windows Explorer, I would advise to add their folders too, since they are vulnerable to ransom attacks. In case “Controlled folder access” starts blocking your trusted applications (you will definitely notice this from the notifications), just add these apps to the trusted list.
To do this, navigate back to the “Controlled folder access” section (where you turned it on) and click on “Allow an app through Controlled folder access”. Here, clicking on “+” button, you can add your trusted apps to the allowed list.
Windows does not show here their own list of allowed apps, though Microsoft Office and other Microsoft applications are there for sure. Maybe some apps from Microsoft Store are also in the allowed list.
What I personally liked about “Controlled folder access” feature is that it protects your files even after you accidentally run the program “As Administrator” or if the program was launched as a result of some Windows vulnerability.
- Posted by Author
- On November 7, 2017
- 0 Comments