On both of the Surface 3 laptops in our company, we recently noticed that Memory Integrity was not running. It was off with no visible reason why. However, when we attempted to turn it back on, an error occurred.
What is Core isolation?
Microsoft has this to say about it.
Core isolation is a security feature of Microsoft Windows that protects important core processes of Windows from malicious software by isolating them in memory. It does this by running those core processes in a virtualized environment.
Memory integrity is one feature of core isolation which regularly verifies the integrity of the code running those core processes in an attempt to prevent any attacks from altering them. Memory integrity is a feature of core isolation. By turning on the Memory integrity setting, you can help prevent malicious code from accessing high-security processes in the event of an attack.
Without memory integrity enabled the computer vulnerable to memory-based attacks.
The first thing to notice is that you’re unable to slide over to enable memory integrity. When you do so it slides back and indicates that an error has occurred. There is a link to click on to view incompatible drivers. When you do a list of drivers that are in the way appears.
You have two choices for how to proceed now. You can try to update the driver for that piece of hardware, or you can delete the driver. In the case of the Surface Laptop 3, the driver in question was by Western Digital and we were able to delete it with the machine running, which means that it wasn’t in use. Once deleted you’ll be able to enable memory integrity. Doing that will prompt for a reboot.
Your computer is now protected from malware that might try to modify core components running in memory.
Check those Surface Laptop 3 machines!
All we do is support IT professionals. Help for IT Pros, Super Secret News, Security community, MSP Legislation community, EndPoint Security community, kits, papers, MSP training and more. https://www.thirdtier.net Open a ticket and let us help you!