How to Enable or Disable Controlled Folder Access for Microsoft Defender Antivirus in Windows 11
You enable or disable Controlled Folder Access in Windows 11 to protect your important files from ransomware and other malicious apps using Microsoft Defender Antivirus.
Controlled Folder Access is a security feature that prevents unauthorized applications from modifying files in your chosen protected folders, like Documents or Pictures.
Controlled Folder Access in Microsoft Defender Antivirus uses a list of trusted applications to protect sensitive folders. Only programs on the approved list can change important files, preventing ransomware from encrypting them. This security measure protects user data by restricting application access.
For example, if a new, untrusted app attempts to write to your Documents folder, Controlled Folder Access will block the action and notify you, safeguarding your data from potential threats like ransomware, which can lock your files and demand payment.
To change the Controlled Folder Access setting in Microsoft Defender Antivirus for Windows 11, a user requires administrator rights and must have Real-time Protection turned on. Real-time Protection actively guards against malware and ransomware by scanning files in real-time.
Open Windows Security, navigate to Virus & threat protection, then Manage ransomware protection. Toggle Controlled folder access On or Off. Alternatively, use the command line with Set-MpPreference -EnableControlledFolderAccess [Enabled/Disabled].
Option 1Use Windows Security Settings
You can easily turn controlled folder access on or off in Windows 11 using the built-in Windows Security app.Option 2Use Command Line
- ⚠️ Admin Required: Open Windows Terminal (Admin) and choose either Windows PowerShell or Command Prompt.
- Copy and paste one of the commands below, then press Enter:
- To Turn On Controlled Folder Access:
Set-MpPreference -EnableControlledFolderAccess Enabled - To Turn Off Controlled Folder Access (default):
Set-MpPreference -EnableControlledFolderAccess Disabled
- To Turn On Controlled Folder Access:
- Close Windows Terminal when finished.
Option 3Use Local Group Policy Editor
Windows 11 Pro, Enterprise, and Education users can manage controlled folder access using the Local Group Policy Editor, a tool that lets you change computer settings.
- ⚠️ Admin Required: Open the Local Group Policy Editor (gpedit.msc).
- In the left panel, navigate to this location:
Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Controlled folder access - In the right panel, double-click the Configure Controlled folder access policy.
To Turn Off Controlled Folder Access:
- Select Enabled.
- In the Configure the guard my folders feature dropdown, select Disable (Default).
- Click OK.
To Use Default Settings:
- Select Not Configured.
- Click OK.


Option 4Use Registry Editor
To Always Turn On Controlled Folder Access:
Click the Download button below to download the file, then follow the installation steps.
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access" /v EnableControlledFolderAccess /t REG_DWORD /d 1 /f
To Turn Off Controlled Folder Access:
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access" /v EnableControlledFolderAccess /t REG_DWORD /d 0 /f
To Use Default Settings:
reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Controlled Folder Access" /v EnableControlledFolderAccess /f
Summary
Controlled folder access in Windows 11 is a security tool that stops bad apps from changing your important files, like documents and photos, protecting them from ransomware.
Controlled Folder Access protects important documents and personal files from ransomware. This feature uses Microsoft Defender Antivirus in Windows 11 to block unauthorized apps from changing files within protected folders.
Controlled Folder Access, when turned on, allows trusted apps normal access to protected folders. Untrusted apps face a block, and users receive a warning if these untrusted applications attempt to access protected files.
Can I turn controlled folder access off?
Windows Security (GUI) method: Use the Windows Security app to quickly enable or disable Controlled Folder Access on a single device by toggling it under Ransomware Protection, provided Microsoft Defender is fully enabled.
Is controlled folder access worth it?
Controlled folder access is a feature that helps protect your documents and files from modification by suspicious or malicious apps. It's especially useful in helping protect against ransomware that attempts to encrypt your files and hold them hostage.
Was this guide helpful?
About the Author
Richard
Tech Writer, IT Professional
Richard, a writer for Geek Rewind, is a tech enthusiast who loves breaking down complex IT topics into simple, easy-to-understand ideas. With years of hands-on experience in system administration and enterprise IT operations, he’s developed a knack for offering practical tips and solutions. Richard aims to make technology more accessible and actionable. He's deeply committed to the Geek Rewind community, always ready to answer questions and engage in discussions.
No comments yet — be the first to share your thoughts!