In this post, I will talk about a new feature that you can enable in Windows Security to prevent malicious code injection in processes. The Windows 11 dev update brings changes to Windows security, especially core isolation. The “Memory integrity” option is added and it is enabled by default. When this is enabled, it prevents malicious code injection in high security processes.
Microsoft is no recommending to keep this feature turned on. When you enable it then it will run the core Windows processes in virtualization mode. That means, it will isolate those processes inside a container and thus preventing them for outside attacks via local drivers.
Memory integrity, or more correctly Hypervisor-protected Code Integrity (HVCI) is a Windows security feature that makes it difficult for malicious application programs to use low-level drivers to harm your PC.
Without memory integrity feature enabled, the “security guard” is kind of exposed where it’s easier for an attacker to sabotage it, making it easier for malicious code to sneak past and cause troubles. And if you are like stuff related to Windows security then you better check out Smart App Control as well.
Enable Memory Integrity in Windows 11 to Prevent Malicious Code Injection
For now the earlier builds also had this option but it remains off by default. You have to manually turn it on and I will show you how. If you like to keep with the Dev builds then you probably don’t have to turn it on. But if you are using older builds or in other channel then follow the steps below.
- Open Windows 11 Settings app.
- Go to Privacy & security and then launch Windows Security app from there.
- In Device Security section and there you will see the Core isolation section.
- Click Core isolation details and then it will show you the switch to enable Memory integrity.
- Enable it. And you are done.
In this way, you can easily turn on “Memory integrity” on any Windows 11 build. The process is very simple and straightforward. The above steps will help you and if you get “incompatible drivers” error then you have to update your drivers. There are many free driver updater software for your to use.
It’s good to see Microsoft is working on security features for Windows 11. This new memory integrity feature looks promising and I hope it proves to be a good deterrent against programs that inject malicious code into processes in order to take control of the PC.