This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 69%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EI%3C/text%3E%3C/svg%3E)
Hi
I was testing CFA with instructions in below URL.
https://demo.wd.microsoft.com/Page/CFA2
I was following the scenario 1.
I downloaded the CFA test tool, opened it, used it to create a file to different controlled folders and every time this tool was able to create a test file to all controlled folders.
What I understood was that this tool is not suppose to be able to create test files to any controlled folders but it can.
Controlled Folder Access is enabled and this is checked via Defender app. Also checked the controlled folders via Defender app.
What am I missing??
@IMK Thanks for posting in our Q&A.
Controlled Folder Access is a feature of Microsoft Defender. I'm not familiar with this product. To get more accurate help, it is suggested to contact Microsoft Defender for Endpoint support. Here is the support link:
Thanks for your understanding and hope everything goes well with you.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 9%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFM%3C/text%3E%3C/svg%3E)
The CFA test tool from Microsoft is designed to test the functionality of the Controlled Folder Access feature in Windows Defender. The tool doesn't bypass the CFA but rather, it is automatically allowed by CFA. It's whitelisted by Microsoft to test the functionality of CFA. The CFA feature in Windows Defender is designed to protect against unauthorized applications from making changes to files in protected folders. If an unauthorized application tries to modify or delete a file in a protected folder, the user is notified about the attempt. If the CFA test tool could not create files in the controlled folders, then it would not be able to effectively test the functionality of the CFA feature. The CFA test tool is designed to demonstrate what would happen if an unauthorized application tried to make changes to files in a protected folder. However, if you want to test the CFA feature with an unauthorized application, you could try using a different application that is not whitelisted by Microsoft. If the CFA feature is functioning correctly, you should receive a notification that the application attempted to make changes to a file in a protected folder. Please note that the "Controlled folder access" feature is meant to help protect your files from being changed by suspicious or malicious apps. It's not designed to prevent all changes to files in protected folders. Some apps that are safe and trusted by Microsoft might still be allowed to make changes to files in protected folders. Refer to this page for more information about the Controlled Folder Access feature.