![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 68%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Defender | Other
Additional Microsoft Defender tools and services that provide security across various platforms and environments
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 87%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPI%3C/text%3E%3C/svg%3E)
Hello Amin,
Hope this is resolved already. If not, here’s some guidance that should help.
The “Protected folder access blocked” notification is generated by Controlled Folder Access (CFA), which is part of Microsoft Defender Exploit Guard. You can confirm this on an affected device by going to Windows Security → Virus & threat protection → Ransomware protection and checking the status of Controlled folder access.
Centrally, this can be reviewed and managed from the Microsoft Defender portal → Endpoint security → Attack surface reduction → Controlled folder access, where CFA is configured as part of Attack Surface Reduction policies. Refer to: Set up or edit your controlled folder access policy in Microsoft Defender for Business - Microsoft …
Also, this can be applied via Intune, Configuration Manager, GPO or powershell. Refer to: Enable controlled folder access - Microsoft Defender for Endpoint | Microsoft Learn
If this behavior isn’t intended and is impacting users, allow the specific applications that are being blocked or disable the controlled folder access based on how it is configured. Please be aware that disabling it removes the restrictions and the end users can access all folders.
For more details, you can refer to the official documentation here: https://learn.microsoft.com/en-us/defender-endpoint/controlled-folders
Hope this helps!
If you found the information above helpful, please Click Yes. This will assist others in the community who encounter a similar issue, enabling them to quickly find the solution and benefit from the guidance provided.