Skip to content
Follow
Windows

How to Enable or Disable Controlled Folder Access for Microsoft Defender Antivirus in Windows 11

Richard
Written by
Richard
Mar 28, 2026 Updated Jun 20, 2026 4 min read
How to Enable or Disable Controlled Folder Access for Microsoft Defender Antivirus in Windows 11
How to Enable or Disable Controlled Folder Access for Microsoft Defender Antivirus in Windows 11

You enable or disable Controlled Folder Access in Windows 11 to protect your important files from ransomware and other malicious apps using Microsoft Defender Antivirus.

Controlled Folder Access is a security feature that prevents unauthorized applications from modifying files in your chosen protected folders, like Documents or Pictures.

Controlled Folder Access in Microsoft Defender Antivirus uses a list of trusted applications to protect sensitive folders. Only programs on the approved list can change important files, preventing ransomware from encrypting them. This security measure protects user data by restricting application access.

For example, if a new, untrusted app attempts to write to your Documents folder, Controlled Folder Access will block the action and notify you, safeguarding your data from potential threats like ransomware, which can lock your files and demand payment.

To change the Controlled Folder Access setting in Microsoft Defender Antivirus for Windows 11, a user requires administrator rights and must have Real-time Protection turned on. Real-time Protection actively guards against malware and ransomware by scanning files in real-time.

⚡ Quick Answer

Open Windows Security, navigate to Virus & threat protection, then Manage ransomware protection. Toggle Controlled folder access On or Off. Alternatively, use the command line with Set-MpPreference -EnableControlledFolderAccess [Enabled/Disabled].

Option 1Use Windows Security Settings

You can easily turn controlled folder access on or off in Windows 11 using the built-in Windows Security app.

Option 2Use Command Line

  1. ⚠️ Admin Required: Open Windows Terminal (Admin) and choose either Windows PowerShell or Command Prompt.
  2. Copy and paste one of the commands below, then press Enter:
    • To Turn On Controlled Folder Access:

      Set-MpPreference -EnableControlledFolderAccess Enabled
    • To Turn Off Controlled Folder Access (default):

      Set-MpPreference -EnableControlledFolderAccess Disabled
  3. Close Windows Terminal when finished.

Option 3Use Local Group Policy Editor

Windows 11 Pro, Enterprise, and Education users can manage controlled folder access using the Local Group Policy Editor, a tool that lets you change computer settings.

  1. ⚠️ Admin Required: Open the Local Group Policy Editor (gpedit.msc).
  2. In the left panel, navigate to this location:

    Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Controlled folder access
  3. In the right panel, double-click the Configure Controlled folder access policy.

To Turn Off Controlled Folder Access:

  1. Select Enabled.
  2. In the Configure the guard my folders feature dropdown, select Disable (Default).
  3. Click OK.

To Use Default Settings:

  1. Select Not Configured.
  2. Click OK.
  • Close the Local Group Policy Editor.
  • Group Policy Editor Configure controlled folder access ransomware protection
    Group Policy Editor Configure controlled folder access ransomware protection
    Configure controlled folder access options and protected folders list
    Configure controlled folder access options and protected folders list

    Option 4Use Registry Editor

    ⚠️Warning
    ⚠️ Admin Required: Use this method on all Windows 11 editions, including Home.

    To Always Turn On Controlled Folder Access:

    Click the Download button below to download the file, then follow the installation steps.

    🗝️Registry
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access" /v EnableControlledFolderAccess /t REG_DWORD /d 1 /f

    To Turn Off Controlled Folder Access:

    🗝️Registry
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access" /v EnableControlledFolderAccess /t REG_DWORD /d 0 /f

    To Use Default Settings:

    🗝️Registry
    reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access" /v EnableControlledFolderAccess /f

    Summary

    Controlled folder access in Windows 11 is a security tool that stops bad apps from changing your important files, like documents and photos, protecting them from ransomware.

    Controlled Folder Access protects important documents and personal files from ransomware. This feature uses Microsoft Defender Antivirus in Windows 11 to block unauthorized apps from changing files within protected folders.

    📝Good to Know
    Controlled Folder Access in Windows 11 has four activation options. Users can choose Windows Security settings, execute a command, edit Group Policy for Pro, Enterprise, or Education versions, or edit the Registry. All activation methods require administrator privileges.

    Controlled Folder Access, when turned on, allows trusted apps normal access to protected folders. Untrusted apps face a block, and users receive a warning if these untrusted applications attempt to access protected files.

    Can I turn controlled folder access off?

    Windows Security (GUI) method: Use the Windows Security app to quickly enable or disable Controlled Folder Access on a single device by toggling it under Ransomware Protection, provided Microsoft Defender is fully enabled.

    Is controlled folder access worth it?

    Controlled folder access is a feature that helps protect your documents and files from modification by suspicious or malicious apps. It's especially useful in helping protect against ransomware that attempts to encrypt your files and hold them hostage.

    Was this guide helpful?

    Tags: #Windows 11
    Was this helpful?
    Richard

    About the Author

    Richard

    Tech Writer, IT Professional

    Richard, a writer for Geek Rewind, is a tech enthusiast who loves breaking down complex IT topics into simple, easy-to-understand ideas. With years of hands-on experience in system administration and enterprise IT operations, he’s developed a knack for offering practical tips and solutions. Richard aims to make technology more accessible and actionable. He's deeply committed to the Geek Rewind community, always ready to answer questions and engage in discussions.

    📚 Related Tutorials

    How to Enable or Disable Real-time Protection for Microsoft Defender Antivirus in Windows 11
    Windows How to Enable or Disable Real-time Protection for Microsoft Defender Antivirus in Windows 11
    How to Open Windows Terminal as Admin Automatically
    Windows How to Open Windows Terminal as Admin Automatically
    How to View Local Group Policies that are Configured in Windows 11
    Windows How to View Local Group Policies that are Configured in Windows 11
    Protect Your Windows 11 with Microsoft Security
    Windows Protect Your Windows 11 with Microsoft Security

    No comments yet — be the first to share your thoughts!

    Leave a Comment

    Your email address will not be published. Required fields are marked *