Ransomware protection in Windows Security

The Ransomware protection page in Windows Security has settings for both protecting against ransomware, and recovering if you happen to get attacked.

Controlled folder access designates specific folders which only trusted apps are allowed to access. This prevents the contents of the folders from being changed, or encrypted, by malware such as ransomware.

Enable controlled folder access by turning it on with the toggle. By default key folders such as Windows system folders, your default documents and pictures folders, and others are automatically protected. 

To add protected folders:

  1. Go to Start  > Settings  > Update & Security  >Windows Security , and then select Virus & threat protection.

  2. Under Virus & threat protection settings, select Manage settings.

  3. Under Controlled folder access, select Manage Controlled folder access.

  4. Under Controlled folder access, select Protected folders.

  5. Select Add a protected folder and follow the instructions to add folders.

You can add additional apps to the trusted list by selecting Allow an app through Controlled folder access then Add an allowed app.

Caution: Be thoughtful about which apps you add here; any added apps will be able to access the files in the protected folders and if that app gets compromised the data in those folders could be at risk.

Additionally, if you see an App is blocked message when you try to use a familiar app, you can simply unblock the app. Here's how:

  1. Write down or take note of the path of the blocked app.

  2. Select the message, and then select Add an allowed app.

  3. Browse for the program to which you want to allow access.

Note: If you try to save a file to a folder and the folder is blocked, that means the app you’re using is blocked from saving to that location. If that happens, save the file to another location on your device. Then use the previous steps to unblock the app, and you’ll be able to save the files to your desired location.

For more details about controlled folder access see Protect important folders with controlled folder access.

OneDrive has built-in ransomware detection and recovery tools. If you're signed into an account with OneDrive (Consumer or Business) You can access them through the OneDrive interface or here. Select View files and you can use OneDrive's Files restore capability to restore any pre-attack versions of the files that may be there.

For more details see Ransomware detection and recovering your files.

How malware can infect your PC

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

Thank you for your feedback!

×