Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Operating Systems
Windows 10
Microsoft: Turn off Memory Integrity if it’s causing problems
Message
<blockquote data-quote="oldschool" data-source="post: 864664" data-attributes="member: 71262"><p>Microsoft has finally clarified how users can fix a Windows security measure that has been causing hardware problems: turn it off. The advice, issued last week, should bring relief to many users of Memory Integrity, a feature designed to protect Windows computers from badly behaved drivers.</p><p></p><p>Memory Integrity is a feature inside a broader set of protections called Core Isolation. It uses hardware virtualisation to protect sensitive processes from infection. These features are a subset of virtualisation-based security features that Microsoft has offered to enterprise users since Windows 10 shipped. It rolled out Core Isolation and Memory Integrity to all Windows editions in 2018.</p><p></p><p>Memory Integrity (also called hypervisor-protected code Integrity or HVCI), uses Microsoft’s Hyper-V hypervisor to virtualise the hardware running some Windows kernel-model processes, protecting them against the injection of malicious code.</p><p></p><p>One use case for Memory Integrity is to protect Windows from user-mode drivers and applications that misbehave, perhaps due to an exploited security flaw. Hardware drivers are pieces of software developed by the hardware vendors that enable devices to work with Windows. Even legitimate drivers can have bugs. An attacker could use those bugs to gain privileged access to the system. Memory Integrity walls off sensitive kernel processes from that software.</p><p></p><p>When Microsoft first shipped this feature as an upgrade, you had to enable it. In fresh installations of Windows, it was turned on by default.</p><p></p><p>This virtualisation-powered technology is great at protecting your system, but it isn’t without its drawbacks. Users have complained that they’re not compatible with different brands and builds of PCs, and that they don’t work with peripherals, <a href="https://social.technet.microsoft.com/Forums/en-US/2bd8dda9-ac44-462e-83d5-2f759362c002/microsoft-lifecam-hd3000-not-working-with-core-isolation-memory-integrity?forum=win10itprohardware" target="_blank">including Microsoft’s own webcams</a>.</p><p></p><p><a href="https://secure2.sophos.com/en-us/products/next-gen-firewall/free-trial/xg-firewall-demo.aspx?cmp=40280" target="_blank">https://secure2.sophos.com/en-us/products/next-gen-firewall/free-trial/xg-firewall-demo.aspx?cmp=40280</a></p><p><a href="https://techcommunity.microsoft.com/t5/windows-insider-program/windows-defender-system-guard-making-a-leap-forward-in-platform/m-p/167303#M1256" target="_blank">Microsoft said early on</a> that Memory Integrity might cause compatibility problems, and even silently switches it off when it gets in the way of boot-critical drivers. However, in some cases, users must take action themselves.</p><p></p><p>In a 5 March 2020 support bulletin, Microsoft addresses a specific error that Memory Integrity can trigger. If your computer tells you “A driver can’t load on this device”, then <a href="https://support.microsoft.com/en-us/help/4526424/windows-10-driver-cant-load-on-this-device" target="_blank">check this out</a>.</p><p></p><p>The bulletin says:</p><p></p><p></p><p>And it advises you to get it sorted, quickly:</p><p></p><p></p><p>But how? Here’s where the advice isn’t especially stellar. It tells you to look for an updated driver from the vendor, which will hopefully fix the problem. If not, then your best technical support option is to, um, turn Memory Integrity off.</p><p></p><p>The <a href="https://support.microsoft.com/en-us/help/4526424/windows-10-driver-cant-load-on-this-device" target="_blank">bulletin</a> comes with clear instructions on how to do that:</p><p></p><ol> <li data-xf-list-type="ol">Open the Core isolation page by selecting <strong>Start</strong> > <strong>Settings</strong> > <strong>Update & Security</strong> > <strong>Windows Security</strong> > <strong>Device Security</strong> and then under <strong>Core isolation</strong>, selecting <strong>Core isolation details</strong>.</li> <li data-xf-list-type="ol">Turn the <strong>Memory integrity </strong>setting<strong> Off</strong> if it isn’t already. Restart your computer.</li> </ol><p>Being able to turn off Memory Integrity isn’t a new feature. Microsoft is just reminding you that it’s there. You should always keep all your drivers up to date to avoid any potential performance or security problems. This is a last resort to deal with any vendors that haven’t made their devices compatible with the security feature yet.</p><p></p><p>[URL unfurl="true"]https://nakedsecurity.sophos.com/2020/03/09/microsoft-turn-off-memory-integrity-if-its-causing-problems/[/URL]</p></blockquote><p></p>
[QUOTE="oldschool, post: 864664, member: 71262"] Microsoft has finally clarified how users can fix a Windows security measure that has been causing hardware problems: turn it off. The advice, issued last week, should bring relief to many users of Memory Integrity, a feature designed to protect Windows computers from badly behaved drivers. Memory Integrity is a feature inside a broader set of protections called Core Isolation. It uses hardware virtualisation to protect sensitive processes from infection. These features are a subset of virtualisation-based security features that Microsoft has offered to enterprise users since Windows 10 shipped. It rolled out Core Isolation and Memory Integrity to all Windows editions in 2018. Memory Integrity (also called hypervisor-protected code Integrity or HVCI), uses Microsoft’s Hyper-V hypervisor to virtualise the hardware running some Windows kernel-model processes, protecting them against the injection of malicious code. One use case for Memory Integrity is to protect Windows from user-mode drivers and applications that misbehave, perhaps due to an exploited security flaw. Hardware drivers are pieces of software developed by the hardware vendors that enable devices to work with Windows. Even legitimate drivers can have bugs. An attacker could use those bugs to gain privileged access to the system. Memory Integrity walls off sensitive kernel processes from that software. When Microsoft first shipped this feature as an upgrade, you had to enable it. In fresh installations of Windows, it was turned on by default. This virtualisation-powered technology is great at protecting your system, but it isn’t without its drawbacks. Users have complained that they’re not compatible with different brands and builds of PCs, and that they don’t work with peripherals, [URL='https://social.technet.microsoft.com/Forums/en-US/2bd8dda9-ac44-462e-83d5-2f759362c002/microsoft-lifecam-hd3000-not-working-with-core-isolation-memory-integrity?forum=win10itprohardware']including Microsoft’s own webcams[/URL]. [URL='https://secure2.sophos.com/en-us/products/next-gen-firewall/free-trial/xg-firewall-demo.aspx?cmp=40280'][/URL] [URL='https://techcommunity.microsoft.com/t5/windows-insider-program/windows-defender-system-guard-making-a-leap-forward-in-platform/m-p/167303#M1256']Microsoft said early on[/URL] that Memory Integrity might cause compatibility problems, and even silently switches it off when it gets in the way of boot-critical drivers. However, in some cases, users must take action themselves. In a 5 March 2020 support bulletin, Microsoft addresses a specific error that Memory Integrity can trigger. If your computer tells you “A driver can’t load on this device”, then [URL='https://support.microsoft.com/en-us/help/4526424/windows-10-driver-cant-load-on-this-device']check this out[/URL]. The bulletin says: And it advises you to get it sorted, quickly: But how? Here’s where the advice isn’t especially stellar. It tells you to look for an updated driver from the vendor, which will hopefully fix the problem. If not, then your best technical support option is to, um, turn Memory Integrity off. The [URL='https://support.microsoft.com/en-us/help/4526424/windows-10-driver-cant-load-on-this-device']bulletin[/URL] comes with clear instructions on how to do that: [LIST=1] [*]Open the Core isolation page by selecting [B]Start[/B] > [B]Settings[/B] > [B]Update & Security[/B] > [B]Windows Security[/B] > [B]Device Security[/B] and then under [B]Core isolation[/B], selecting [B]Core isolation details[/B]. [*]Turn the [B]Memory integrity [/B]setting[B] Off[/B] if it isn’t already. Restart your computer. [/LIST] Being able to turn off Memory Integrity isn’t a new feature. Microsoft is just reminding you that it’s there. You should always keep all your drivers up to date to avoid any potential performance or security problems. This is a last resort to deal with any vendors that haven’t made their devices compatible with the security feature yet. [URL unfurl="true"]https://nakedsecurity.sophos.com/2020/03/09/microsoft-turn-off-memory-integrity-if-its-causing-problems/[/URL] [/QUOTE]
Insert quotes…
Verification
Post reply
Top