Windows Defender Secuirty Center Icon Big

Enable Core Isolation Memory Integrity in Windows 10

With recent Windows 10 releases, there is a new Device security page available in the Windows Defender Security Center. It reports the status of security features built into your devices. There, it is also possible to manage various features on to enable enhanced device protection.

Windows 10 Creators Update version 1703 brought yet another change to Windows 10's UI. There is a new app called Windows Defender Security Center. It has been created to help the user control his security and privacy settings in a clear and useful way.

Before you proceed, here is what you need to know. Don't be confused between Windows Defender and Windows Defender Security Center. Windows Defender is the built-in anti-virus software which provides real-time protection against threats. The Windows Defender Security Center app is just a dashboard which allows you to track your protection state. It can be used to configure various security options like SmartScreen.

Starting with Windows 10 Build 17093, you can configure Core isolation Memory integrity using Windows Defender Security Center. The Core isolation feature provides a number of virtualization-based security options to protect core parts of your computer. Memory Integrity is part of the Core isolation feature that prevents attacks from inserting malicious code into high-security processes. Let's see how to enable this useful feature.

To enable Core Isolation Memory Integrity in Windows 10, do the following.

  1. Open the Windows Defender Security Center app.
  2. Click on the Device security icon.
  3. On the right, click on Core isolation details link.
  4. Enable the Memory integrity toggle option.
  5. Confirm the UAC prompt.
  6. Restart Windows 10 to apply the changes. The reboot is required.

You are done. The Memory Integrity feature will be enabled.

To disable it, you need to perform the same sequence of steps and turn off the toggle option Memory integrity in the Windows Defender Security Center.

Note: The information and options available in the Device security depends on your hardware configuration. In my case, standard hardware security is not supported by the computer, so the OS is using virtualization-based security.

That's it.

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!

14 thoughts on “Enable Core Isolation Memory Integrity in Windows 10

    1. mike

      Disabled my intel HD-3000 graphic driver & I wouldn’t allow me to switch off the ‘Memory Integrity’ switch – so I re-imaged.

      Later found out this key…
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity\Enabled

      Reply
  1. Toshik

    Hmm. Does it have any relation to Meltdown and Spectre vulnerabilities?

    Unfortunately in this article there is not enough information what this options exactly do and if there is a need to enable them?

    Reply
  2. Some guy

    Just wanted to point out that “virtualization based security” doesn’t mean some hardware feature isn’t supported by you pc. It means some core parts of the system are running in a ‘virtual machine’ with a separate kernel.

    Reply
  3. Sebastiano Barezzi

    Now I can’t disable it (This setting is managed by administrator), but I am the administrator of the PC, there is a registry key that I can change?

    Reply
    1. mike

      Might look to see if you have key
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity\Enabled

      1=True
      0=False

      Reply
  4. Debby

    Now I can’t turn it back on! MIcrosoft says don’t delete the incompatible drivers to turn on that feature! Memory integrity sounds like a GOOD thing!!

    Reply

Leave a Reply

Your email address will not be published.