Controlled Folder Acess comes as a part of Windows Defender Exploit Guard and blocks malicious executable files, scripts, and DLLs from accessing folders when Controlled Folder Acess is enabled. When a blacklisted program attempts to open or change folders and the files therein, the user gets notified of the unauthorized access.
The new ransomware protection feature is enabled by default in common folders in C:/users/public. Users can add additional folders to block access to them. Also, you can specify trusted applications that will get whitelisted to access your protected folders without asking for permission.
Moreover, the new ransomware protection feature comes with an audit mode which will let you simulate the conditions when Controlled Folder Access is enabled without actually enabling it. Administrators can use this to view event log to see the impact it will have on their organization.
“Ransomware attacks grow more and more sophisticated every day. To keep you safe, we are continually improving Windows to protect against ransomware and other threats. Windows 10 is the safest version of Windows yet. Controlled folder access is designed to help reduce the risk of ransomware attacks, keeping your user and businesses data safe,” says Tanmay Ganacharya, Principal Group Manager at Windows Defender Research.
Users can enable Controlled Folder Access through the Windows Defender Security Center Application in Windows 10 by opening the Virus & Threat protection Settings. A click on a toggle button will activate controlled folder access. Users of enterprise environment can also activate it from PowerShell, Group Policy, or configuration service providers for MDM.
Although this feature can prevent ransomware from taking over your data, it adds a layer of protection only to your files. It is advisable to use an updated anti-virus protection and to stay updated on such threats to take necessary precautionary measures.