![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 41%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPO%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Defender | Microsoft Defender for Office 365
Protection against phishing, malware, and other threats targeting email and collaboration tools in Microsoft 365
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 69%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
Like most, you have this backwards.
the only reason you'd need to 'put a stop' to these Protected Folder Access Blocked notifications is if they're actually causing a true problem, such as stopping you from completing a task using an app that you must be able to perform.
The reason is that, by default, Controlled Folder Access (CFA) blocks any attempt by apps to directly write into a list of protected folders such as documents using mostly older, outdated methods that Microsoft had tried to get developers to stop using years or even decades ago. Unfortunately, these are some of the same techniques used by ransomeware to overwrite or do other damage, so by automatically blocking these write attempts, CFA typically stops most common ransomeware in its tracks.
Unfortunately, consumers are often oblivious to any of this, so when they see such notifications, they believe something needs to 'be done' which is almost never true.
In reality, one of the most common situations where these notifications occur is when Windows Update completes and either a driver or utility pack update finishes by trying to copy some file, often a sample picture, video or app file format, directly into a Protected folder like Documents, Pictures, or video.
Since in most cases, a typical user will never even try to find these sample files or care whether they're present, it really doesn't often matter that these file copies were blocked, so there's actually nothing needing to be 'fixed', it's just the user' misunderstanding of these notifications causing them to believe this.
Since bypassing these 'error' notifications means opening a potential hole through which actual ransomeware might possibly launch an attack, it's most often best to never try allowing these typically unnecessary files to be copied and written.
So my version of this is to simply learn to ignore these CFA notifications, unless shortly after a new one is displayed, you have a specific problem either using a new app or find that an important sample or other file is missing, which isn't at all likely, since those would usually have been placed in the app's program files folder where they belong.
Rob
