Add blocked programs to Controlled Folder Access' whitelist
Add Application to Controlled Folder is a handy PowerShell script which you may use to whitelist blocked programs by Windows 10's Controlled Folder Access feature.
Controlled Folder Access is a new security feature of Windows Defender that Microsoft introduced in the Windows 10 Fall Creators Update.
The feature is not turned on by default; we have published detailed instructions on enabling the feature in the linked guide above.
Controlled Folder Access monitors access to folders that it protects, and blocks access to these folders if it identifies a program as outright malicious or suspicious.
While that means that most programs that you run on Windows will be allowed access automatically, some legitimate programs may be flagged by the security feature. Any blocked application is prevented from accessing the folders, and that won't change unless you whitelist these programs explicitly.
While you can whitelist one program at a time, you may also improve the process with the help of the PowerShell script Add Application to Controlled Folder.
The script retrieves the list of blocked applications and gives you options to whitelist none, some or all of those programs.
Note: You need to allow the running of unsigned scripts if this is the first third-party PowerShell script that is run on the Windows PC. On an elevated PowerShell prompt, type set-executionpolicy remotesigned and select Y for yes when the prompt is displayed.
Here is how it works in detail:
- Download the program from the author's GitHub project page.
- Extract the script to the local system.
- Tap on the Windows-key, type PowerShell, hold down the Ctrl-key and Shift-key, and load the PowerShell application (with elevated rights).
- Run the command AddApplicationToControlledFolder.ps1.
- The script launches a window in which it lists all programs that have been blocked in the past.
- Select the ones that you want to allow, and hit the ok button to complete the process.
You can verify that the programs have been added to the whitelist by going to Virus & threat protection > Virus & threat protection settings > Allow an app through controlled folder access.
Can this be used with the Controlled Folder Access audit mode to list all the programs that *would have* been blocked? That way I could avoid the pain of discovering broken/blocked apps before creating the whitelist with this script.
change the second line of the script from
Where-Object {$_.Id -eq “1123”}
to
Where-Object {$_.Id -eq “1124”}
thanks!
Thanks!
i cannot see the apps listed in the settings although the ones i tried to block show up in the list the powershell generates. it acts like it is listing them but then nothing…no list. on some machines i can see the list of blocked apps and can remove them. any thoughts on why i would not be able to see the apps i allow on the settings page where they should be listed. thanks
juli