Share via

Controlled Folder Access in Windows 10 is blocking iCloud Photos causing excessive download traffic

Anonymous
2018-08-15T14:51:03+00:00

I enabled Controlled Folder Access (Defender ransomware protection) in Windows 10 1 day ago.

I saw some notification warnings saying various programs were blocked, iCloudPhotos being one them.

iCloud tray icon also reported problems writing to its default location and that it was stuck trying to sync 4 photos (which i had taken on my phone recently).

My UniFi router/controller reported a massive spike in download activity from iCloud.  I thought maybe one of my Apple devices was resyncing or was stuck in a loop.  Was unlikely to be iCloud Backup as this should affect uploads rather than downloads.

Closer inspection confirmed it was my Windows PC which pulled down ~20GB of iCloud traffic in the last 24 hours which is completely abnormal.

Turned off Controlled Folder Access, the 4 photos then came through and the iCloud traffic has gone back to normal levels.

Didn’t bother trying to add allowed/approved program exceptions at this stage.  Defender wants you to browse to locate the EXEs manually which is a bit fiddly and poorly implemented IMO.  The notification should allow you to easliy add an exception but it doesn’t.  Not user friendly at all and not something a typical end user could figure out.

Windows for home | Windows 10 | Security and privacy

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2018-09-30T15:36:24+00:00

    Thank you Dazzabozza for the clear, graphics supported, assessment for this issue that I am also experiencing. Yes, rolling back from Windows 10 Controlled Folder Access (Defender ransomware protection) is the simplest end user solution. 

     May I please request Microsoft Engineers step up, weigh in with their solution on how to that if Defender notifications are going to continue being the norm, then please have the notification provide either display the full drive/path to the application's EXE, and/or provide an on the spot opportunity to allow/approve the application's EXE.

      This issue, IMO, is so ridiculous, I am now encountering this issue frequently, and am really not looking forward to the stop in my productivity just to clarify/allow within Defender the hard drive apps's EXE I am attempting to use. I had to add "mspaint" as an allowed app!

    Was this answer helpful?

    10+ people found this answer helpful.
    0 comments