Is Controlled Folder Access worth trying?

  • Yes

    Votes: 20 69.0%
  • No

    Votes: 9 31.0%
  • Total voters
    29

Spawn

Administrator
Verified
Staff member
I have used the Controlled Folder Access (aka Windows Defender Antivirus Ransomware Protection) in earlier builds, but turned it off due to being unable to whitelist applications properly.

In the latest Windows 10 May 2020 Update (Version 2004), is it worth re-visiting?
 

DSD27

Level 5
Who does this type of approach react when malware disguises itself using a legit process name?
 
Last edited:

plat1098

Level 21
Verified
I install and delete too much software too often. This was a PITA when I made an honest effort to use it before. Can't imagine it's getting any more friendly now. GPO and OSA fill in nicely, plus my image. I don't trust me implicitly.

So, I say "yes," it's worth trying. Demo it like any other monitoring software with the potential to get on your nerves. NOTE: I have not used CFA since the Anniversary Update.
 

Protomartyr

Level 6
Verified
I have CFA enabled on my laptop currently and I'm looking forward to any improvements in the May 2020 update. It's definitely a pain to setup. However, once you have it configured correctly for your needs, the only time I'm aware of it is when updating applications. Sometimes I may have to whitelist the installer temporarily for it to complete successfully.
 

oldschool

Level 54
Verified
don't see any reason why it shouldn't be used.
... Works fine here
It's sometimes annoying, but if you go for Windows 10 built-in security, I believe you should use it.
Test in the HUB confirm its effectiveness/need.
Sometimes I may have to whitelist the installer temporarily for it to complete successfully.
Absolutely. Why wouldn't you use it? Maybe if you have a bunch of 3rd party apps to update. Then it can be a real pain, but it depends on user's setup ....

I know I've gotten block notifications for browser updates but they usually are for updates that use Temp folder.

Plus, there are these nifty CFA tweaks (see posts #57 & 58) compliments of @Windows_Security & @Andy Ful. Who else? ;) (y)(y)
 

Andy Ful

Level 62
Verified
Trusted
Content Creator
...
Sometimes I may have to whitelist the installer temporarily for it to complete successfully.
CFA will block the creation of shortcuts on Desktop (with error alert) but the installation should finish without problems. The shortcuts are usually created without problems on Start Menu. One can drag & drop the shortcut from there to Desktop if needed.
CFA can produce some alerts when something wants to access the protected boot sectors on the disk - most applications can do it without a serious reason, so they can work well with CFA even with blocked access.
Did you notice other possible issues?
 
Last edited:

Protomartyr

Level 6
Verified
Did you notice other possible issues?
Nope! I haven't experienced any other issues.
I've come to like CFA and hope that Microsoft makes even more improvements so that others can take advantage of it. At its current stage, I don't think it's ready to be enabled by default on systems since most users probably aren't computer savvy enough to set it up properly or troubleshoot any false positives that may come up.
 

SeriousHoax

Level 29
Verified
Malware Tester
CFA will block the creation of shortcuts on Desktop (with error alert) but the installation should finish without problems.
Desktop has actually been removed from CFA's default folders quite a while ago. I mean 3-4 months at least on my PC.
Personally I never had any problem with apps updating due to CFA like some users face :unsure: This can only happen if the particular apps use Documents folder to store some files.
 

Andy Ful

Level 62
Verified
Trusted
Content Creator
Desktop has actually been removed from CFA's default folders quite a while ago. I mean 3-4 months at least on my PC.
Personally I never had any problem with apps updating due to CFA like some users face :unsure: This can only happen if the particular apps use Documents folder to store some files.
For children and casual users, protecting Desktop can be important. They usually keep files on Desktop (like women tend to keep everything in their handbags).
But in fact, I missed somehow this change in CFA. I was too busy with the new version of H_C.:)
 

SeriousHoax

Level 29
Verified
Malware Tester
For children and casual users, protecting Desktop can be important. They usually keep files on Desktop (like women tend to keep everything in their handbags).
But in fact, I missed somehow this change in CFA. I was too busy with the new version of H_C.:)
It's easy to miss this change if no new apps are installed. I noticed one day when I saw a desktop shortcut made by an app that I installed.
You're correct about casual user. Personally I like clean desktop but I've seen a lot of messed up desktop filled with files. But most people prefer desktop shortcuts for applications so it's understandable why it was removed.
 

plat1098

Level 21
Verified
Well, based on some thoughtful and well-meaning posts, I went ahead and enabled CFA on here on a trial basis. I'll apply some of those settings, thank you for posting that, SeriousHoax. I'll see how it works out. I enabled this right when it first debuted, I think--not the AU but 1803? Way back then. Didn't work out then, seriously got on my nerves and exclusions weren't very flexible nor did they always kick in.

Times change, so minds should also. 🌷
 

oldschool

Level 54
Verified
most users probably aren't computer savvy enough to set it up properly
I wonder about this. Setting up the usual protected files is not difficult (already done by default on Admin account), and whitelisting apps should be straight-forward enough for folks who can read the GUI.

troubleshoot any false positives that may come up.
I agree. This can be more challenging for the casual user.
 
Top