Specify additional folders that should be guarded by the Controlled folder access feature.
Files in these folders cannot be modified or deleted by untrusted applications.
Default system folders are automatically protected. You can configure this setting to add additional folders.
The list of default system folders that are protected is shown in Windows Security.
Enabled:
Specify additional folders that should be protected in the Options section.
Disabled:
No additional folders will be protected.
Not configured:
Same as Disabled.
You can enable controlled folder access in the Configure controlled folder access GP setting.
Microsoft Defender Antivirus automatically determines which applications can be trusted. You can add additional trusted applications in the Configure allowed applications GP setting.
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access |
Value Name | ExploitGuard_ControlledFolderAccess_ProtectedFolders |
Value Type | REG_DWORD |
Enabled Value | 1 |
Disabled Value | 0 |
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access\ProtectedFolders |
Value Name | {number} |
Value Type | REG_SZ |
Default Value |