There is an issue with a new feature of the Security Centre in the Windows 10 Fall Creators Update

It’s the “Controled Folder Access” which blocks ‘Unauthorised’ programmes from making changes to certain folders.

It's an anti-ransomware measure, meant to stop ransomware encrypting you files.

The folders protected by default are your- Documents, Pictures, Videos, Music, Favourites, and your Desktop folders.

You can add other folders to the protection list.

However Controlled Folder Access works on a “block everything by default” basis.

Of course Microsoft's own software is allowed through.

So if you use a 3rd party Text editor for example you may find that it suddenly cannot save to your Documents folder.

Any 3rd party programme/application that tries to save to, or delete something from, one of the protected folders may be blocked.

(And if you have turned off Defender notifications you will be scratching your head as to why).

It’s not clear yet just how many 3rd party programmes this affects, it seems that some are affected some are not.

eg. Softmaker FreeOffice is affected, Irfanview isn’t, CCleaner can be affected (see below).

If you find you suddenly can’t save a file because of this then try saving to the OneDrive folder, this is not in the protected list by default.

There are 2 ways to fix the problem.

• You can turn off Controled Folder Access altogether.
• You can make the 3rd party programme you use an exception in the Controled Folder Access.

To allow a programme through the Controled Folder Access:

Open the Security Centre and go to Virus & Threat Protection > Virus & threat protection settings > Allow an app through controlled folder access > +add an allowed app.

Browse to the .exe file of the app you want to allow, select it and click Open.

This issue can/will affect CCleaner -https://forum.piriform.com/index.php?showtopic=49094&p=288002

This move from Microsoft does seem a particularly crude, heavy handed, way of trying to protect against ransomware.

What were they thinking?

Something along the lines of:

“We can’t be bothered developing a true anti-ransomware, so we’ll just block everything (except our own products) from modifying anything in the user folders”.

They scan your PC during an update to see what software you have installed, so why couldn't they whitelist these?

Maybe they are just hoping to push users into buying more Microsoft products?

More troubling - if the ransomware has infected a Microsoft product, or an app that you have allowed, then it will still get through and encrypt your files.

All in all a very poor attempt at ransomware protection.

I, for one, have turned it off again.

I imagine they are going to be getting a lot of flack about this as it becomes more widely known about / starts to affect users who suddenly find they can’t save files anymore.

just when Defender was getting a good reputation, they go and d!ck with it.

luckily it's turned off by default (on mine anyway) and easily toggled off/on.

As I say in another thread mine was on by default, I did get the upgrade on the first day of release though, so they may have changed it later.

That's why they put these bugger bigger upgrades out in dribs and drabs, so they can still fiddle with things before everyone gets them.

Still it's good to know about the issue for when people start complaining that CCleaner isn't cleaning their Favourites folder, or that programmes have suddenly stopped saving things.