"Core Isolation" and "Memory Integrity" settings missing from Device Security in Windows 11

Discussion in 'Operating Systems' started by BlindBison, Aug 9, 2022.

  1. BlindBison

    BlindBison Maha Guru

    Messages:
    1,451
    Likes Received:
    534
    GPU:
    RTX 2080 Super
    upload_2022-8-8_20-14-57.png
    Does this have to do with TPM being enabled?

    I could've sworn before I clean installed windows that I had those settings visible here, but maybe my brain is playing tricks on me. I couldn't really find much on this Googling around surprisingly (though I did find videos for if Defender altogether wasn't visible). Thanks!

    A followup question I had is, does TPM have an impact on system performance/FPS at all? Thanks!
     
  2. =GGC=Phantomblu

    =GGC=Phantomblu Member Guru

    Messages:
    180
    Likes Received:
    54
    GPU:
    Radeon RX 6900XT
    Screenshot (4).png
    Yes, it has to do with the TPM. On my system with a Ryzen 5950x I can tell you that I don't notice it at all ..
     
    Last edited: Aug 9, 2022
    BlindBison likes this.
  3. BlindBison

    BlindBison Maha Guru

    Messages:
    1,451
    Likes Received:
    534
    GPU:
    RTX 2080 Super
    Thanks! One question I have for all of this is, if those options are "missing" from Defender/Device Security does that mean that they are both enabled? Ideally I'd actually like to "Disable" Core isolation and memory integrity, but it doesn't look like I have any control over that for whatever reason(s).
     
  4. Espionage724

    Espionage724 Master Guru

    Messages:
    683
    Likes Received:
    294
    GPU:
    EVGA RTX 3060 XC
    I thought Core Isolation was virtualization-related. If so, it's likely SVM is disabled in the BIOS.
     
    BlindBison likes this.

  5. =GGC=Phantomblu

    =GGC=Phantomblu Member Guru

    Messages:
    180
    Likes Received:
    54
    GPU:
    Radeon RX 6900XT

    https://support.microsoft.com/en-us...security-afa11526-de57-b1c5-599f-3a4c6a61c5e2




    How to Enable or Disable Core Isolation Memory Integrity in Windows 11 Using the Registry Editor
    NOTE: before starting, save / export the log file so that the user can restore it if something goes wrong as it could completely damage the system.

    Step 1: Press Windows + R keys to open Run command box and type regedit.

    Step 2: Press the Enter key to open the Registry Editor.



    NOTE: Accept the UAC request by clicking Yes to continue.

    Step 3: in the registry editor, copy and paste the following path into the address bar and press E nter to reach the Scenarios registry key.

    Step 4: Right-click the Registry Key Scenarios and select New> DWORD (32-bit) Value from the menu as shown below.

    Step 5: Rename the new DWORD value to HypervisorEnforcedCodeIntegrity and double click on it to open it.

    Step 6: Then, enter 0 in the Value data field and click OK if the user wants to disable it.

    Step 7: If you want to enable it, enter 1 in the Value data field and click OK as shown below.

    Step 8: when finished, close the registry editor.

    Step 9: Reboot your system once.

    That's all.
     
    Last edited: Aug 9, 2022
    BlindBison likes this.
  6. BlindBison

    BlindBison Maha Guru

    Messages:
    1,451
    Likes Received:
    534
    GPU:
    RTX 2080 Super
    Thanks a lot!
     
  7. BlindBison

    BlindBison Maha Guru

    Messages:
    1,451
    Likes Received:
    534
    GPU:
    RTX 2080 Super
    https://answers.microsoft.com/en-us...t-memory/7c3673f8-b6d8-4865-8cdc-5430498b61f5

    Looks like you're right going off of this -- if virtualization is disabled then I think maybe these settings are OFF already but it would be nice to see them present and just greyed out or something imo.
     
  8. sykozis

    sykozis Ancient Guru

    Messages:
    22,265
    Likes Received:
    1,346
    GPU:
    MSI RX5700...
    Core Isolation is only enabled if you have SVM enabled in UEFI. Memory Integrity is disabled by default and must be enabled by the user, after SVM is enabled.
    If SVM is disabled in UEFI, there's no reason for the Core Isolation feature to appear as it's not supported by the hardware configuration.

    TPM has zero impact on performance unless you have an AMD processor, in which case it CAN cause stuttering (apparently)..... Personally, I've had zero issues with AMD's fTPM implementation but recommend a dedicated TPM module anyway. There is the possibility of a performance loss on file access (read/write) if you've enabled BitLocker, but since I don't use BitLocker and have no reliable means to benchmark such things accurately, I can't say for certain.
     
    BlindBison likes this.
  9. BlindBison

    BlindBison Maha Guru

    Messages:
    1,451
    Likes Received:
    534
    GPU:
    RTX 2080 Super
    Thanks!
     

Share This Page