You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/controlled-folders.md
+24-26Lines changed: 24 additions & 26 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,7 +3,7 @@ title: Protect important folders from ransomware from encrypting your files with
3
3
description: Files in default folders can be protected from being changed by malicious apps. Prevent ransomware from encrypting your files.
4
4
ms.service: defender-endpoint
5
5
ms.localizationpriority: medium
6
-
ms.date: 07/30/2024
6
+
ms.date: 11/06/2024
7
7
author: denisebmsft
8
8
ms.author: deniseb
9
9
audience: ITPro
@@ -33,12 +33,11 @@ search.appverid: met150
33
33
**Applies to**
34
34
- Windows
35
35
36
-
37
36
> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-assignaccess-abovefoldlink)
38
37
39
38
## What is controlled folder access?
40
39
41
-
Controlled folder access helps protect your valuable data from malicious apps and threats, such as ransomware. Controlled folder access protects your data by checking apps against a list of known, trusted apps. Supported on Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server 2022, Windows 10, and Windows 11 clients, controlled folder access can be turned on using the Windows Security App, Microsoft Endpoint Configuration Manager, or Intune (for managed devices).
40
+
Controlled folder access helps protect your valuable data from malicious apps and threats, such as ransomware. Controlled folder access protects your data by checking apps against a list of known, trusted apps. Controlled folder access can be configured by using the Windows Security App, Microsoft Endpoint Configuration Manager, or Intune (for managed devices). Controlled folder access is supported on Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server 2022, Windows 10, and Windows 11,
42
41
43
42
> [!NOTE]
44
43
> Scripting engines are not trusted and you cannot allow them access to controlled protected folders. For example, PowerShell is not trusted by controlled folder access, even if you allow with [certificate and file indicators](indicator-certificates.md).
@@ -66,15 +65,6 @@ The [protected folders](#review-controlled-folder-access-events-in-windows-event
66
65
67
66
You can use [audit mode](overview-attack-surface-reduction.md) to evaluate how controlled folder access would impact your organization if it were enabled.
68
67
69
-
Controlled folder access is supported on the following versions of Windows:
70
-
71
-
-[Windows 10, version 1709](/windows/whats-new/whats-new-windows-10-version-1709) and later
72
-
- Windows 11
73
-
- Windows 2012 R2
74
-
- Windows 2016
75
-
-[Windows Server 2019](/windows-server/get-started-19/whats-new-19)
76
-
- Windows Server 2022
77
-
78
68
## Windows system folders are protected by default
79
69
80
70
Windows system folders are protected by default, along with several other folders:
@@ -91,14 +81,13 @@ The protected folders include common system folders (including boot sectors), an
91
81
-`c:\Users\Public\Music`
92
82
-`c:\Users\<username>\Favorites`
93
83
94
-
Default folders appear in the user's profile, under **This PC**.
95
-
> [!div class="mx-imgBorder"]
96
-
> 
84
+
Default folders appear in the user's profile, under **This PC**, as shown in the following image:
85
+
86
+
97
87
98
88
> [!NOTE]
99
89
> You can configure additional folders as protected, but you cannot remove the Windows system folders that are protected by default.
You can use the Windows Security app to view the list of folders that are protected by controlled folder access.
144
137
145
138
1. On your Windows 10 or Windows 11 device, open the Windows Security app.
139
+
146
140
2. Select **Virus & threat protection**.
141
+
147
142
3. Under **Ransomware protection**, select **Manage ransomware protection**.
143
+
148
144
4. If controlled folder access is turned off, you'll need to turn it on. Select **protected folders**.
145
+
149
146
5. Do one of the following steps:
147
+
150
148
- To add a folder, select **+ Add a protected folder**.
151
149
- To remove a folder, select it, and then select **Remove**.
152
150
153
-
> [!IMPORTANT]
154
-
> Do not add local share paths (loopbacks) as protected folders. Use the local path instead. For example, if you have shared `C:\demo` as `\\mycomputer\demo`, do not add `\\mycomputer\demo` to the list of protected folders, instead add `C:\demo`.
151
+
> [!IMPORTANT]
152
+
> Do not add local share paths (loopbacks) as protected folders. Use the local path instead. For example, if you have shared `C:\demo` as `\\mycomputer\demo`, do not add `\\mycomputer\demo` to the list of protected folders, instead add `C:\demo`.
153
+
154
+
[Windows system folders](#windows-system-folders-are-protected-by-default) are protected by default, and you cannot remove them from the list. Subfolders are also included in protection when you add a new folder to the list.
155
155
156
-
> [!NOTE]
157
-
> [Windows system folders](#windows-system-folders-are-protected-by-default) are protected by default, and you cannot remove them from the list. Subfolders are also included in protection when you add a new folder to the list.
158
156
[!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
0 commit comments