Skip to main content

How to turn on Windows 10 Ransomware protection

Few malware attacks are as annoying or potentially costly as ransomware. Once your computer becomes infected, ransomware locks you out of valuable files and demands that you send payments in exchange for releasing them. Even major corporations have been attacked, with some actually making enormous payouts to get their digital property back.

Yep, that’s scary — but there are ways you can protect your devices. One of the newer, easier-to-enable options offered by Windows 10 is enabling its innate ransomware protection with controlled file access. Let’s walk through how to turn it on and what this means for your Windows 10 security going forward.

Recommended Videos

Step 1: Head to Windows Security

Screenshot showing windows security search.
Image used with permission by copyright holder

Once you have logged into Windows 10, head down to the search bar on the left side of the Windows 10 taskbar and type in Security.

Look at the results and choose the Windows Security App to begin.

Once Windows Security has opened, look to the left-side menu and select Virus & Threat Protection, which has a shield icon.

Step 2: Manage your ransomware protection

Screenshot showing the Ransomware protection section.
Image used with permission by copyright holder

Once in Virus & Threat Protection, scroll down until you find the section called Ransomware Protection. This will list any important protection updates you might need, as well as give you an option to Manage Ransomware Protection. Select this to continue.

Step 3: Make sure Controlled Folder Access is enabled

Screenshot showing the Controlled Folder Access feature turned on.
Image used with permission by copyright holder

You will now open a window dedicated to Ransomware Protection. Here, look for the section that says Controlled Folder Access.

You should see a toggle to turn Controlled Folder Access On. Make sure it is toggled to On, and your ransomware protection will automatically begin, keeping any suspicious software from accessing and locking or messing with your files.

You may get a User Account Control window pop-up that asks if you are sure you want to enable this type of protection (for this and other steps here). Again, this is a native Windows option from Microsoft, so trusting it is not a problem. However, it may change the way that you manage files in some ways, so let’s take a look at managing app access.

Step 4: Let certain apps have access as needed

Image showing button for adding an allowed app.
Image used with permission by copyright holder

Look under Controlled Folder Access once you have enabled it, and you will see an option that says Allow an App Through Controlled Folder Access. On default settings, the Controlled Folder Access mode will block file access from any app it doesn’t recognize, which is likely to include most or all third-party apps you are using. That’s a problem if an app really does need access to one of your files (a PDF editing tool, for example). Choose this option to allow a specific app to use your files.

On the next screen, choose Add an Allowed App to begin. If you recently ran into a blocking problem, you can choose Recently Block Apps to quickly locate the program in question. Otherwise, choose Browse All Apps, and choose the app you know you want to allow through. You can manage this list over time as you get used to ransomware protection.

Step 5: Set up file recovery

The OneDrive logo.
Image used with permission by copyright holder

Finally, if you haven’t set up Microsoft’s cloud solution OneDrive yet, the Ransomware Protection window will have a suggestion at the bottom to set up OneDrive. This will allow you to store important files in the OneDrive cloud as well as on your local hard drive. That means that even if Ransomware locks you out of local files, you can access those same files safely from OneDrive while wiping your computer (we highly recommend taking it into an expert, too) and getting rid of the malware.

OneDrive’s base service is free and does include individual file recovery, so this costs nothing to set up and is a good idea if you are worried about losing access to your files. If you have already set up OneDrive, you will instead see an option to View Files so you can make sure that your most important files are already in OneDrive.

While you’re at it, why not take a look at our top suggestions for free antivirus software that can keep your computer protected without adding annoying bloatware?

Tyler Lacoma
If it can be streamed, voice-activated, made better with an app, or beaten by mashing buttons, Tyler's into it. When he's not…
Windows 11 can now run on unsupported systems, but there’s a catch
A laptop sits on a desk with a Windows 11 wallpaper.

Microsoft is now allowing users to update to Windows 11 on older, unsupported hardware, including systems that don’t meet the operating system’s strict hardware requirements.

While the company initially set these requirements — including the need for a TPM 2.0 chip and specific processor models — to ensure performance, reliability, and security, it has now provided a manual installation option for those who want to use Windows 11 on unsupported machines.

Read more
Microsoft won’t back down on Windows 11’s biggest hurdle
The Surface Pro 11 on a white table in front of a window.

Microsoft has reaffirmed that it will not lower the minimum hardware requirements for Windows 11, solidifying the need for a Trusted Platform Module (TPM) 2.0 and a compatible CPU. This decision leaves many older PCs ineligible for the upgrade. Microsoft emphasizes that these standards are vital for improved security and performance.

As per a recent blog post titled “TPM 2.0 – a necessity for a secure and future-proof Windows 11,” Microsoft reaffirmed its decision not to relax Windows 11’s strict hardware requirements. TPM 2.0 is a hardware-based security feature that protects sensitive data and ensures secure boot processes. Microsoft argues that such measures are nonnegotiable as the company continues to address rising cybersecurity threats. The minimum requirements include a list of approved CPUs, starting from AMD Ryzen 2000 and Intel 8th Gen processors, that offer advanced security features and better performance efficiency.

Read more
Windows 11 remains the driver of growth in PCs, not AI
The Surface Laptop shown in front of a Copilot+ sign.

There's been a lot of talk about AI PCs this year, but has it actually delivered on its promise? A new analysis from TrendForce says the significant boost in laptop sales in 2024 has more to do with Windows 11 updates than it does with fancy new AI features.

"The impact of AI-integrated notebooks on the overall market remains limited for now," the report states. "However, AI features are expected to naturally integrate into notebook specifications as brands gradually incorporate them, resulting in a steady rise in the penetration rates of AI notebooks."

Read more