Advertisement

Enable Core Isolation Memory Integrity in Windows 10

With recent Windows 10 releases, there is a new Device security page available in the Windows Defender Security Center. It reports the status of security features built into your devices. There, it is also possible to manage various features on to enable enhanced device protection.

Advertisement


Windows 10 Creators Update version 1703 brought yet another change to Windows 10's UI. There is a new app called Windows Defender Security Center. It has been created to help the user control his security and privacy settings in a clear and useful way.

Before you proceed, here is what you need to know. Don't be confused between Windows Defender and Windows Defender Security Center. Windows Defender is the built-in anti-virus software which provides real-time protection against threats. The Windows Defender Security Center app is just a dashboard which allows you to track your protection state. It can be used to configure various security options like SmartScreen.

Starting with Windows 10 Build 17093, you can configure Core isolation Memory integrity using Windows Defender Security Center. The Core isolation feature provides a number of virtualization-based security options to protect core parts of your computer. Memory Integrity is part of the Core isolation feature that prevents attacks from inserting malicious code into high-security processes. Let's see how to enable this useful feature.

To enable Core Isolation Memory Integrity in Windows 10, do the following.

  1. Open the Windows Defender Security Center app.
  2. Click on the Device security icon.Windows Defender Device Security Icon
  3. On the right, click on Core isolation details link.Windows Defender Core Isolation Details Link
  4. Enable the Memory integrity toggle option.Enable Core Isolation Memory Integrity In Windows 10
  5. Confirm the UAC prompt.Windows Defender Secuirty Center UAC Prompt
  6. Restart Windows 10 to apply the changes. The reboot is required.Windows Defender Secuirty Center Reboot Request

You are done. The Memory Integrity feature will be enabled.

To disable it, you need to perform the same sequence of steps and turn off the toggle option Memory integrity in the Windows Defender Security Center.

Note: The information and options available in the Device security depends on your hardware configuration. In my case, standard hardware security is not supported by the computer, so the OS is using virtualization-based security.

That's it.

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!

Advertisment

Author: Sergey Tkachenko

Sergey Tkachenko is a software developer who started Winaero back in 2011. On this blog, Sergey is writing about everything connected to Microsoft, Windows and popular software. Follow him on Telegram, Twitter, and YouTube.

14 thoughts on “Enable Core Isolation Memory Integrity in Windows 10”

    1. Disabled my intel HD-3000 graphic driver & I wouldn’t allow me to switch off the ‘Memory Integrity’ switch – so I re-imaged.

      Later found out this key…
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity\Enabled

  1. Hmm. Does it have any relation to Meltdown and Spectre vulnerabilities?

    Unfortunately in this article there is not enough information what this options exactly do and if there is a need to enable them?

  2. Just wanted to point out that “virtualization based security” doesn’t mean some hardware feature isn’t supported by you pc. It means some core parts of the system are running in a ‘virtual machine’ with a separate kernel.

  3. Now I can’t disable it (This setting is managed by administrator), but I am the administrator of the PC, there is a registry key that I can change?

    1. Might look to see if you have key
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity\Enabled

      1=True
      0=False

  4. Now I can’t turn it back on! MIcrosoft says don’t delete the incompatible drivers to turn on that feature! Memory integrity sounds like a GOOD thing!!

Leave a Reply

Your email address will not be published.

css.php
Using Telegram? Subscribe to the blog channel!
Hello. Add your message here.