Enable & Configure Ransomware Protection on Windows Defender

ByLiam Last Updated On

Microsoft Defender Antivirus includes a built-in feature called Ransomware Protection that helps prevent unauthorized apps from changing files stored in protected folders. This feature, known as Controlled Folder Access, adds an extra layer of security by allowing only trusted applications to modify your important data.

In this guide, you’ll learn how to enable and configure Ransomware Protection on Windows Defender step by step. 

Enable & Configure Ransomware Protection on Windows Defender

Enable & Configure Ransomware Protection on Windows Defender
Enable & Configure Ransomware Protection on Windows Defender

To enable Ransomware Protection on Windows Defender, open Windows Security, go to Virus & threat protection, select Manage ransomware protection, and turn on Controlled folder access. After enabling it, review the protected folders, allow trusted apps if needed, and configure recovery options for better protection against ransomware attacks.

Step 1: Open Windows Security

The first step is to open the Windows Security application, which is included with Windows 11 and Windows 10. This app gives you access to all of Microsoft’s built-in security features, including virus protection, firewall settings, and ransomware protection.

Click the Start button and type Windows Security into the search bar. When the app appears in the search results, click it to open. You can also open Settings, select Privacy & Security or Update & Security depending on your Windows version, and then choose Windows Security.

Once the app opens, you’ll see several security categories on the home screen. This confirms that Microsoft Defender is active and ready to manage your computer’s security.

Step 2: Navigate to Ransomware Protection

Inside the Windows Security window, click Virus & threat protection. This section contains various protection features designed to keep your PC safe from malware.

Scroll down until you find the Ransomware protection section. Click Manage ransomware protection to open its settings.

Here, you’ll see the Controlled folder access option. If it’s turned off, your important folders are not currently protected from unauthorized changes. This is the feature you’ll enable in the next step.

Step 3: Turn On Controlled Folder Access

Locate the Controlled folder access switch and click it to turn the feature on. If User Account Control asks for permission, select Yes to continue.

Once enabled, Windows Defender starts monitoring protected folders and blocks unknown or suspicious applications from making unauthorized changes. This helps stop ransomware before it can encrypt your files.

Keep in mind that some legitimate apps may initially be blocked if Windows doesn’t recognize them as trusted. This is normal and can be managed later through the allowed apps settings.

Step 4: Review and Customize Protected Folders

After enabling Controlled folder access, take a moment to review the folders being protected.

Click Protected folders to see the default locations that Windows automatically secures. These typically include your Documents, Pictures, Videos, Music, and Desktop folders.

If you store important files in another location, click Add a protected folder and select the folder you want to secure. From that point forward, Windows Defender will monitor it just like the default protected folders.

Choosing the right folders ensures that your most valuable files receive the highest level of protection without affecting the rest of your system.

Step 5: Allow Trusted Apps Through Controlled Folder Access

After enabling Controlled Folder Access, you may notice that some trusted applications cannot save or edit files inside your protected folders. This happens because Windows Defender blocks apps that it cannot automatically verify.

To fix this, return to the Manage ransomware protection page and click Allow an app through Controlled folder access. Select Add an allowed app, then browse for the application that you trust.

Only allow apps that you recognize and regularly use. Adding unknown or suspicious software could reduce the effectiveness of ransomware protection. If an app is blocked unexpectedly, verify that it is legitimate before allowing it access.

Step 6: Configure OneDrive Recovery Options

Windows also provides a recovery option through OneDrive that can help restore your files if they are affected by ransomware.

From the Manage ransomware protection page, look for the Data recovery section. If you use OneDrive, sign in with your Microsoft account and complete the setup if prompted.

Keeping your files synchronized with OneDrive means you have an additional copy stored in the cloud. If ransomware damages your local files, you may be able to restore an earlier version, minimizing data loss.

Step 7: Test and Keep the Feature Updated

After completing the setup, it’s a good idea to confirm that everything is working correctly.

Open a trusted application such as Notepad or Microsoft Word and save a file inside one of your protected folders. If the file saves normally, the app has the necessary permissions. If an application is blocked, Windows Defender will display a notification explaining what happened.

To maintain strong protection, regularly install Windows Updates and keep Microsoft Defender Antivirus up to date. Security updates improve ransomware detection and help protect your PC from newly discovered threats.

Additional Tips

  • Using Controlled Folder Access is an excellent first step, but combining it with other security practices provides even better protection. 
  • Keep real-time protection enabled so Microsoft Defender can detect threats as they appear. 
  • Avoid downloading files from unknown websites or opening unexpected email attachments, as these are common ways ransomware spreads.
  • Create regular backups of your important files using an external drive or a trusted cloud storage service. 
  • If your files are backed up, you can restore them without paying a ransom. 
  • Finally, review your security settings every few months to ensure ransomware protection remains enabled and properly configured.

FAQs

Does Windows Defender include ransomware protection by default?

Yes. Microsoft Defender Antivirus includes Ransomware Protection, but Controlled Folder Access is usually turned off by default. You need to enable it manually.

What is Controlled Folder Access?

Controlled Folder Access is a Windows security feature that prevents unauthorized applications from modifying files stored in protected folders. It helps reduce the risk of ransomware attacks.

Can I add my own folders for protection?

Yes. You can add custom folders by opening Manage ransomware protection, selecting Protected folders, and choosing Add a protected folder.

Why are some apps blocked after enabling ransomware protection?

Windows Defender may block applications that it cannot verify as trusted. If you know the app is safe, you can add it to the Allowed apps list.

Does ransomware protection affect PC performance?

In most cases, the impact is minimal. The feature runs in the background and only checks whether applications are authorized to access protected folders.

Hi, my name is Liam, I'm the man who shares his tech experience on GadgetsNurture by writing articles (About error codes, Guides, or How To's). I have more than 10 years of experience having a good knowledge of technology and Gadgets. I faced many issues with my home appliances and gadgets, and sometimes, the apps or other software that I regularly use. So, I decided to help people like me who daily face issues with their gadgets and tech!

Leave a Reply

Your email address will not be published. Required fields are marked *