Microsoft Defender Finally Gets Crypto Virus Mitigation Toolset

Steve Smith explains how to use Controlled Folder Access, in Windows Defender, effectively, to help make things easier for you when using your computer. He also goes into a rant on how this feature needs a lot more work. Valid for Windows 10 update 1709.

Episode #8-14 released on November 26, 2017


Microsoft's update version 1709 now ships with a bunch of new features, some of which are indeed cool; however, the most important new feature is turned off by default. This feature, located under Virus and threat protection in Windows Defender, is called Controlled Folder Access, and it offers file protection from viruses, with an epic catch-22. While the feature is turned off, it won't cause any issues for normal users who do not turn it on, but it is worthwhile to note that once you do, you will have to learn how to use this feature properly to regain normal, everyday use of your computer and its files. And, even when it is set up correctly, there is no easy way to know which applications need to be added through the "Allow an app through Controlled folder access" option.

What does Controlled Folder Access have to offer?

The ability to prevent unauthorized access to your files, meaning crypto ransomware, in theory, cannot encrypt or modify your personal files, or the files in any other folder you specify.

How does one provide access to applications that need access to Controlled Folders?

Under Virus and threat protection settings, in Windows Defender, when Controlled Folder Access is turned on, you click the link for "Allow an app through Controlled folder access", and click on "Add an allowed app". This, in theory, will allow your application to write to that portion of the drive.

How does one specify new folders or drives to be protected by Controlled Folder Access?

Under virus and threat protection settings, in Windows Defender, when Controlled Folder Access is turned on, you click the link for Protected Folders, click add a protected folder, and navigate to the folder or drive you want to protect. I say drive, because for Windows, a drive is just another folder, technically. I've protected two internal backup drives within this computer.

Are there any possible issues, and solutions that may be required when turning this feature on?

Yes, adding a program may be easy, but it may take a while to add all the applications you want to allow access to protected folders. In some cases, you may have to close and restart applications if they were running while you added them to the list of allowed applications. It is even possible that you will have to research the programs you use for details on which service requires access. You will be notified whenever a program attempts access, and if you want to allow that application access, you will have to manually add it to the list of allowed applications yourself. Microsoft did drop the ball on that aspect of the program.
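An added example, not part of the episode: the same switches can be set from an elevated PowerShell session with the Defender cmdlets, and blocked write attempts can be read back from the Defender operational log to see which programs need allowing. The function name `Get-CfaOffender`, the folder and program paths, and the event field names `Process Name` and `Path` are assumptions to check on your own system.

```powershell
# Run in an elevated PowerShell session on Windows 10 1709 or later.
# All paths below are constructed placeholders; substitute your own.

# 1. Start in audit mode: write attempts are logged (event 1124) but not blocked.
Set-MpPreference -EnableControlledFolderAccess AuditMode

# 2. Protect extra folders or drives, as in the "Protected folders" dialog.
Add-MpPreference -ControlledFolderAccessProtectedFolders 'D:\', 'E:\Backups'

# 3. After a period of normal use, list the programs that wrote to protected folders.
function Get-CfaOffender {
    param([int[]]$Id = @(1123, 1124))   # 1123 = blocked, 1124 = audited
    $filter = @{ LogName = 'Microsoft-Windows-Windows Defender/Operational'; Id = $Id }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Assumption: the event XML carries 'Process Name' and 'Path' data fields.
            $data = ([xml]$_.ToXml()).Event.EventData.Data
            [pscustomobject]@{
                Process = ($data | Where-Object { $_.Name -eq 'Process Name' }).'#text'
                Target  = ($data | Where-Object { $_.Name -eq 'Path' }).'#text'
            }
        } |
        Group-Object Process |
        Sort-Object Count -Descending |
        Select-Object Count, Name
}
Get-CfaOffender | Format-Table -AutoSize

# 4. Allow only the programs you have reviewed, and only if their signature is valid.
$reviewed = @('C:\Tools\example-editor.exe')   # constructed placeholder
foreach ($exe in $reviewed) {
    $sig = Get-AuthenticodeSignature -FilePath $exe
    if ($sig.Status -eq 'Valid') {
        Add-MpPreference -ControlledFolderAccessAllowedApplications $exe
    } else {
        Write-Warning "Not adding $exe (signature status: $($sig.Status))"
    }
}

# 5. Switch from audit to enforcement and confirm the resulting configuration.
Set-MpPreference -EnableControlledFolderAccess Enabled
Get-MpPreference | Select-Object EnableControlledFolderAccess,
    ControlledFolderAccessProtectedFolders, ControlledFolderAccessAllowedApplications
```

Unsigned programs are skipped with a warning rather than allowed, so each one can be checked by hand before it is given write access to protected folders.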

Do I recommend turning on Controlled Folder Access?

It will be a mighty headache for novice users, for whom this may be intended. Thing is, this tool should be easier to use than it currently is. It is innovative in the idea that you can prevent unauthorized modification of files in protected folders, but it neglects many important things, such as clearly visible locations of the programs trying to change files, which would make it easier to change, and it clearly requires a better grasp of user experience. While many hate how Windows' User Account Control works, especially due to the poor implementation in Windows Vista, this frankly should be a similar if not identical process, so that novice users can use the tool as easily as opening the browser, and to remove some of the headache for more advanced users trying to figure out which file is doing what.

This technology is important, and the means of adding folders and programs is simple enough, but the implementation is frankly flawed, and ultimately will result in this option being left off.

My suggestion continues to be an offline, unconnected backup of all your important files, whether it be on an external hard drive, USB stick, or optical media. Using this tool may result in many hours of work, especially if you format your computer frequently. I will continue to tinker with this, but I do consider myself a power user, and not an amateur to say the least. I found all this out by simply using the application, and Windows 10 does not provide any visual cues that would make the process any easier, and no batch process of allowing application exceptions, either.

Also, if you are trying to use something like an Nvidia Shield Portable, it is probably a good idea to allow the blocked game from Steam, as the run location from its shortcut leads to Steam, not to the game itself, which will be located on your drive at an address like the one below:

X:\Program Files (x86)\Steam\steamapps\common\GAMENAME\Binaries\Win64

Host : Steve Smith | Music : | Editor : Steve Smith | Producer : Zed Axis Dot Net
