andrewek 28 Posted June 1, 2020 Report Share Posted June 1, 2020 Hello all! I have a general idea about the Isolation of the kernel and the Integrity of the Memory of Windows 10. But here's a question for specialists: how should the configuration of the Integrity of the Memory be by default? On or off? Some authors report that it should be turned off by default in order to avoid various problems (including installing new drivers). Others write that in recent versions of Windows this setting is enabled by default. But how right? or is it individual for each particular system? I also ask because on one system the Integrity of Memory in the Core Isolation is turned on, and on the other it is off! At the same time, both systems (1909) work satisfactorily) What should this default setting be? p.s. sorry, the screen is in Russian, but I hope everything is clear. Probably, this issue is important both for the security of the operating system as a whole, and for the correct installation of Windows updates. Quote Link to post Share on other sites
GT500 861 Posted June 3, 2020 Report Share Posted June 3, 2020 Core isolation is off by default on my Windows 10 x64 (1909) system. It's also off on my Windows 10 x64 (2004) VM. 1 Quote Link to post Share on other sites
andrewek 28 Posted June 3, 2020 Author Report Share Posted June 3, 2020 Hello! Perhaps I should turn it off too? I just don’t know what to do)🙄 On the laptop - on, on a desktop computer - off ... So it was by default, Windows 10х64 (1909) Quote Link to post Share on other sites
GT500 861 Posted June 3, 2020 Report Share Posted June 3, 2020 33 minutes ago, andrewek said: Perhaps I should turn it off too? It's been a long time, however I think there's a possibility of the core isolation feature causing crashes in Emsisoft Anti-Malware. I know it used to cause BSoD's, however from what I am seeing that appears to have been fixed at some point, and about a year ago QA confirmed EAM could run with the option enabled. 1 Quote Link to post Share on other sites
andrewek 28 Posted June 3, 2020 Author Report Share Posted June 3, 2020 I had crashes ( BSoD) related to AdGuard. After changing the settings AdGuard (related to its network driver) - there are no more failures. Quote Link to post Share on other sites
GT500 861 Posted June 3, 2020 Report Share Posted June 3, 2020 1 minute ago, andrewek said: I had crashes ( BSoD) related to AdGuard. After changing the settings AdGuard (related to its network driver) - there are no more failures. I think that issue was unrelated to core isolation, however you can try turning it off and see if it effects that issue. Quote Link to post Share on other sites
andrewek 28 Posted June 3, 2020 Author Report Share Posted June 3, 2020 No, no, I have no crash (BSoD) for more than six months. In general, does Core Isolation - really increase system protection or only increase the risk of crash with incompatible devices? Quote Link to post Share on other sites
GT500 861 Posted June 5, 2020 Report Share Posted June 5, 2020 On 6/3/2020 at 2:40 AM, andrewek said: In general, does Core Isolation - really increase system protection or only increase the risk of crash with incompatible devices? From what I'm reading, it should make the system more secure. That being said, Microsoft isn't known for making bug-free features. 1 Quote Link to post Share on other sites
andrewek 28 Posted June 5, 2020 Author Report Share Posted June 5, 2020 Hello! Yes, I read it. Tell me, if the system works without problems, you can NOT turn Off Core Isolation? It is recommended to disable, if only problems appear, do I understand correctly? Quote Link to post Share on other sites
GT500 861 Posted June 6, 2020 Report Share Posted June 6, 2020 11 hours ago, andrewek said: It is recommended to disable, if only problems appear, do I understand correctly? I'd say turning it either on or off is optional, however Microsoft does seem to think that computers would be more secure with this option turned on. 2 Quote Link to post Share on other sites
Raynor 4 Posted December 26, 2020 Report Share Posted December 26, 2020 On 6/3/2020 at 8:13 AM, GT500 said: It's been a long time, however I think there's a possibility of the core isolation feature causing crashes in Emsisoft Anti-Malware. I know it used to cause BSoD's, however from what I am seeing that appears to have been fixed at some point, and about a year ago QA confirmed EAM could run with the option enabled. I have just enabled Memory Integrity on both of my home PCs, and can confirm that EAM now works well with this feature enabled. Please keep it this way. 😉 Compatibility with this feature has become a basic necessity anyway, as brand-new PCs from big hardware manufacturers tend to come with this feature enabled by default when Windows comes pre-installed. Back in 2018, when I first tried enabling Memory Integrity, EAM was indeed incompatible and caused a big fat BSoD on each reboot after enabling the feature (i.e. Windows was rendered unbootable). This is no longer the case. Thanks for making EAM compatible. 👍 PS: For those who are confused right now: "Memory Integrity" is a subset of the "Core Isolation" feature in recent Win 10 versions. While "Core Isolation" is automatically enabled by default on PCs that are at least fairly recent, "Memory Integrity" has to be manually switched on. Unless, of course, you buy a brand new PC from a big manufacturer that comes with Windows 10 pre-installed. These PCs must have this feature switched on by default because Microsoft requires this for some logo/certification stuff. Quote Link to post Share on other sites
GT500 861 Posted December 27, 2020 Report Share Posted December 27, 2020 As far as I know we don't have any plans to make changes to support for this feature. Obviously if it's on by default on new computers, we're going to need to make sure EAM is compatible with it or risk having customers unable to use their new computers after they install EAM. Quote Link to post Share on other sites
andrewek 28 Posted December 27, 2020 Author Report Share Posted December 27, 2020 Hello! I want to say that I have Windows Core Isolation enabled on two computers for over a year. At the same time, there are no problems with the work of EAM. 1 Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.