Windows 10's "Controlled Folder Access" Anti-Ransomware Feature Is Now Live
By Catalin Cimpanu October 23, 2017
With the release of Windows 10 Fall Creators Update last week, the "Controlled Folder Access" that Microsoft touted in June is now live for millions of users.
As the name hints, the Controlled Folder Access feature allows users to control who can access certain folders.
The feature works on a "block everything by default" philosophy, which means that on a theoretical level, it would be able to prevent ransomware when it tries to access and encrypt files stored in those folders.
The benefits of using Controlled Folder Access for your home and work computers are tangible for anyone that's fearful of losing crucial files to a ransomware infection.
If you want to give Controlled Folder Access a go, below are the basic steps to enable it on your PC.
Step 1Press the Start button and type "Windows Defender Security Center." Select the option when visible. The following window should appear.
There's a high chance you might select the wrong option and end up in the Windows Defender Settings section. In this case, just press the obvious "Open Windows Defender Security Center" button that appears at the top of the window.
ADVERTISING
inRead invented by Teads
Step 2In the "Windows Defender Security Center" select the second option in the side menu named "Virus & threat protection" and then select the "Virus & threat protection settings" option from the main window.
Step 3Scroll down on this page and locate the "Controlled folder access" section. To enable the feature, just click the On/Off toggle.
Step 4First thing first, select the "Protected folders" sub-option and add all the folders you want to restrict access to.
Step 5Now it's time to select the second option named "Allow an app through Controlled folder access." This option will whitelist the apps that are allowed to access, edit, create or remove files from protected folders.
Other ways to enable Controlled Folder AccessBesides the instructions above, there are two other ways to enable Controlled Folder Access. The easiest way is by running the following Powershell command.
Set-MpPreference -EnableControlledFolderAccess Enabled
To disable the feature, just run the same command, but with the "Disabled" argument.
In addition, system administrators in large organizations can use the Group Policy Management Console to enable the feature for users across a local network.
Step 1: On your Group Policy management machine, open the Group Policy Management Console, right-click the Group Policy Object you want to configure and click Edit.
Step 2: In the Group Policy Management Editor go to Computer configuration.
Step 3: Click Policies then Administrative templates.
Step 4: Expand the tree to Windows components ? Windows Defender Antivirus ? Windows Defender Exploit Guard ? Controlled folder access.
Step 5: Double-click the Configure Controlled folder access setting and set the option to Enabled.
When everything's up and running, if an unauthorized program tries to edit one of the files located in a Controlled access folder, users will get a warning through the Windows Notifications sidebar, while the app trying to make the edit will get stopped dead in its tracks. Further, Windows Defender will also record the unauthorized access in the Windows event log.
 |
