- To enable ransomware protection on Windows 10, open Windows Security > Virus & threat protection, click on “Manage ransomware protection,” and turn on “Controlled folder access.”
- You can also configure the app by adding new folder locations and allowing apps you trust to prevent them from getting blocked.
Microsoft Defender Antivirus is the default anti-malware solution on Windows 10 that protects your computer from viruses, spyware, rootkits, and other malware out-of-the-box, including ransomware. While the antivirus already does fine work keeping you safe online, the Defender Antivirus also includes the “Controlled folder access” feature to make protecting your files from ransomware easier.
Controlled folder access is a feature that monitors the changes that apps make to your files. If an app tries to modify the files inside a protected folder and the app is blocked, you’ll get notified about the suspicious activity.
In this guide, I’ll teach you how to enable and configure Controlled folder access using Microsoft Defender Antivirus to protect your Windows 10 device and data against ransomware.
- Enable ransomware protection on Windows 10
- Allow apps ransomware protection on Windows 10
- Protect other folders against ransomware on Windows 10
- Disable ransomware protection on Windows 10
Enable ransomware protection on Windows 10
To enable the anti-ransomware feature on Windows 10, use these steps:
-
Open Windows Security.
-
Click on Virus & threat protection.
-
Under the “Ransomware protection” section, click the “Manage ransomware protection” option.
-
Turn on the “Controlled folder access” toggle switch.
Once you complete the steps, Microsoft Defender Antivirus will monitor the protected folders as applications try to modify your files. If a suspicious activity occurs, you’ll get a notification about the threat.
This video tutorial is focused on enabling the security feature on Windows 11, but it also applies to Windows 10.
Allow apps ransomware protection on Windows 10
This new security feature has a basic understanding of which apps are allowed to make changes to your files, but sometimes, an app you trust may get blocked by the Controlled folder access feature. If this is the case, you may need to manually allow a particular app to use these steps.
To allow apps through Controlled folder access, use these steps:
-
Open Windows Security.
-
Click on Virus & threat protection.
-
Click the Ransomware protection option.
-
Click the “Allow an app through Controlled folder access” option.
-
Click the “Add an allowed app” button to locate and allow an app.
After you complete the steps, the security feature will no longer try to block the app when it tries to modify files in the protected folders.
Protect other folders against ransomware on Windows 10
Controlled folder access protects the Documents, Pictures, Movies, and Desktop folders by default. While you can’t remove these folders from the list, it’s possible to include additional locations to protect your data from ransomware and other malware.
To add folder to the anti-ransomware protection, use these steps:
-
Open Windows Security.
-
Click on Virus & threat protection.
-
Click the Ransomware protection option.
-
Click the Protected folders opion.
-
Click the “Add a protected folder” button to locate and include the folder locations to protect.
Once you complete the steps, Control folder access will monitor the new folder locations to prevent ransomware attacks on Windows 11.
Disable ransomware protection on Windows 10
To disable the ransomware protection, use these steps:
-
Open Windows Security.
-
Click on Virus & threat protection.
-
Under the “Ransomware protection” section, click the “Manage ransomware protection” option.
-
Turn off the “Controlled folder access” toggle switch to disable the ransomware protection.
After you complete the steps, the Controlled folder access feature will stop monitoring for ransomware malicious activities on Windows 10.
Update January 30, 2024: This content has been updated to ensure accuracy and reflect changes to the configuration process.
Mauro Huculak is a Windows How-To Expert who started Pureinfotech in 2010 as an independent online publication. He has also been a Windows Central contributor for nearly a decade. Mauro has over 15 years of experience writing comprehensive guides and creating professional videos about Windows and software, including Android and Linux. Before becoming a technology writer, he was an IT administrator for seven years. In total, Mauro has over 21 years of combined experience in technology. Throughout his career, he achieved different professional certifications from Microsoft (MSCA), Cisco (CCNP), VMware (VCP), and CompTIA (A+ and Network+), and he has been recognized as a Microsoft MVP for many years. You can follow him on X (Twitter), YouTube, LinkedIn and About.me. Email him at [email protected].