With the release of the new Windows 10 Creators Fall Update last week, operating system users have acquired a new feature that aims to stop banning ransomware from encrypting the most important computer files.
It is called controlled folder access and is part of Windows Defender Exploit Guard, a new protection feature that takes the steps of Microsoft's Enhanced Mitigation Experience Toolkit (EMET).
How does managed folder access work?
Control folder access locks folders, allowing only authorized whitelisted applications to access and modify the files contained in them.
By default, it protects the folders where important data such as documents, images, movies, and desktop is stored.
These folders can not be removed from the list of protected folders, but other folders can be added, even if they are on other disks, shared network files and mapped drives.
"You can also allow trusted applications to access protected folders, so if you use unique or custom programs, your productivity will not be affected." says Microsoft.
If, on the other hand, an unauthorized application tries to make a change to the files of those folders, the new feature will stop it and the user will receive a notification of what happened on his computer.
Enable Controlled Folder Access in Windows 10
The easiest way for home users is to activate through the Windows Defender Security Center, from the "Virus and Threat Protection" menu.
With a click on "Antivirus and Threat Protection Settings" switch to the "On" switch. Immediately after you can add new folders to the list of protected folders and applications that can be accessed. "In business environments, access to the controlled folder can also be enabled and managed using Group Policy, PowerShell or configuration for managing mobile devices," according to Microsoft.
"Controlled folder access is seamlessly integrated with Windows Defender Advanced Threat Protection. Whenever controlled folder access blocks an attempt to make changes to protected folders, a notification appears in Windows Defender ATP. This warns the company's staff to take immediate action. "
Endpoint alerts can be customized so that administrators can include instructions for end users about what should happen next.
Note: to use controlled folder access, real-time protection should be enabled in Windows Defender Antivirus.
Windows 10 CFA Works?
It sounds great but we have not tried it. According others though the new feature seems to work flawlessly…. At the moment, with ransomware circulating to date.