Categories
Windows OS

What Is Core Isolation and Memory Integrity in Windows 11?

In recent years, Microsoft has revamped and carefully carved out intelligent & thoughtful security features that prevent attempts to comprise a device and provide robust protection from online threats. So much so that there have been debates sparked around whether one even needs an additional antivirus software for Windows Operating Systems.

Part of being online in the current times with everything constantly connected in real-time has many advantages and conveniences — for both business and personal, but it also opens up the platform for malicious actors to deploy a variety of attacks. As a result, any service, tool, or software that promises to shield you from the onslaught of such hackers have to think about dozens of angles through which they can safeguard everything you love and want to hold onto.

From the many in-built security measures in Windows 11, this post will explore what core isolation and memory integrity are exactly.

What Is Core Isolation in Windows?

The entire idea of Core Isolation is that your OS will segregate critical core processes from the rest of the other normally running ones in order to defend against hostile or ill-natured software/driver or malware. You can think of it as a vault that only the allowed have access to, something that is not open to everyone. Windows achieves this feat by using its virtualization technology.

What does it mean, though? Simply put, your key processes are secured from any activities and attacks that occur outside this environment and highly mitigates the chances of account takeovers, system crashes, malfunctions, etc. This is a highly beneficial security attribute considering how different types of attacks have evolved over the years.

Moreover, this grants some breathing room and time to figure out how to counter the attack — if one has taken place.

How To Access Core Isolation in Windows 11?

Core isolation is an inherent component of Windows Security. As such, it can be accessed by navigating to Windows Security first, and then, from the left panel, selecting “Device Security.” From there, as your last step, click the message of →Core isolation details. See the screenshot below to precisely know how to get to Core Isolation in Windows 11.

how to access core isolation in Windows 11
As shown, Core Isolation in Windows 11 is available under Device Security inside the main Windows Security.

What Is Memory Integrity in Windows 11?

Also referred to as Hypervisor-protected Code Integrity or (HVCI), Memory Integrity gets encompassed under the umbrella of “Core Isolation.” It’s a more specific function of what Core Isolation is supposed to do.

It’s mainly attuned to preserving your access to your computer from ill-intentioned drivers that are designed to bypass that and take control instead.

The way it ends up working is that the memory integrity function operates inside the so-called virtualized closed vault created by Core Isolation, and in there, it scans and checks the code of the driver that is trying to get installed. If memory integrity can verify that everything is legitimate and safe, it eventually gets installed. Without it, your computer is more at risk of ending up with bad drivers that could cause problems.

Enabling or Disabling Memory Integrity

Memory integrity can be turned on or off, but it is highly recommended to have it always enabled. Many Windows devices will have memory integrity actively running by default anyway, so it’s not an action such users need to take.

In any event, as described, memory integrity lives inside Core Isolation, and therefore, can be accessed the same way. To recap, open Windows Security > then, select Device Security > and finally, click on “Core isolation details.” Doing so will take you to the Core Isolation Settings. On the same page, there will be a sub-heading of Memory integrity accompanied by an associated toggle that can be set to on or off.

Adjust the toggle to your desire, say yes to the User Access Control pop-up, restart the device, and at that point, you’d have successfully changed the state of Memory Integrity. Take a look at the screenshots that follow to get some visual context.

turning on memory integrity in windows 11
As represented in this image, Memory integrity can be turned on or off. Also, notice how it’s hosted inside “Core Isolation.”
Clicking on the yes button to let the Windows Security app make changes for turning Memory Integrity on or off
Once you adjust the toggle to either on or off, Windows will invoke the UAC box. You will need to say yes to move forward with your Memory Integrity state update. And finally, as mentioned above, restart the device for the change to take effect completely.

You May Also Want to Check Out:

In Reality, Core Isolation Is Not a “New” Windows 11 Feature

Windows 11 certainly made things better — especially with device security, it should be pointed out that it’s not a “new” trait that only came to fruition with this version of the OS.

In fact, it has been around for a few years as part of Windows 10; however, it seems that it is only now gaining traction due to the acclaim of Windows 11 and how it’s changing things and standing out. Probably also because it requires better hardware. So almost any modern device that can support Windows 11 will most likely support Core Isolation.

Expert Citations