Configure allowed applications


Add additional applications that should be considered "trusted" by controlled folder access.

These applications are allowed to modify or delete files in controlled folder access folders.

Microsoft Defender Antivirus automatically determines which applications should be trusted. You can configure this setting to add additional applications.

Enabled:
Specify additional allowed applications in the Options section..

Disabled:
No additional applications will be added to the trusted list.

Not configured:
Same as Disabled.

You can enable controlled folder access in the Configure controlled folder access GP setting.

Default system folders are automatically guarded, but you can add folders in the configure protected folders GP setting.

Supported on: At least Windows Server, Windows 10 Version 1709

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access
Value NameExploitGuard_ControlledFolderAccess_AllowedApplications
Value TypeREG_DWORD
Enabled Value1
Disabled Value0

Enter the applications that should be trusted:

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access\AllowedApplications
Value Name{number}
Value TypeREG_SZ
Default Value

windowsdefender.admx

Administrative Templates (Computers)

Administrative Templates (Users)