Controlled folder access is designed to protect your valuable data from malicious apps and threats, such as ransomware. This feature works by checking apps against a list of known, trusted apps and blocking unauthorized or unsafe apps from accessing or changing files in protected folders.

In Windows 10 or 11 turn on Controlled Folder Access to protect your important local folders from unauthorized programs like ransomware or other malware. Get ransomware detection and recovery with Microsoft 365 advanced protection.

Learn about privacy concerns with apps having file system access and find out how to allow or deny apps and services from accessing your file system.

After you have set permissions for a library, you may want to set unique permissions on one or more folders in that library. For example, you may want to create a subfolder where anyone could read and add files to a subfolder, but not the root folder or any other subfolder.

You can't control most of the permissions for this app in Settings > Privacy. Note that while the app has the ability to access these resources, it might not actually do so.

A vulnerability exists in Windows that allows unauthorized users to view the full file path to a resource they do not have permissions to access. This vulnerability might occur when the user has FILE_LIST_DIRECTORY access rights on a parent folder and obtains directory change notifications.

Find out why some apps need access to your pictures, videos, and documents libraries, and how to allow or deny apps from accessing these locations.

Learn how to stop sharing your files and folders on OneDrive.

If you've created a public folder, or you want to grant or restrict access to a folder to specific users or groups, here's how to set permissions for public folders.

Label and protect files in File Explorer in Windows by using the Classify and Protect tool.