Ransomware is a common attack that hackers are using to take control of your system, locking down the files and asking you for money to disable it. In the technological era, hackers use this to lock up your system, threatening you with publishing your personal data. Well, Microsoft itself came and offered a solution for its Windows 11 users. The first thing they offer against these attacks is an option to isolate your system’s core memory and data in Windows 11. This option is offered via the Memory Integrity setting, which is also referred to as Hyper-Protected Code Integrity. This option, when enabled, will make it difficult for any malware to latch into the system’s core processes.

There are some steps to enable this setting, but before we get to that, we first need to see if your system is even compatible with this setting or not.

System Requirements
Any system that wants to create an isolating type of protection must meet some requirements. Since the system will be asked to run apps in a container without access to other parts of the system, the system should be able to handle virtualization. Then, it must be confirmed if the system matches up to the hardware security standards as shown below:

  • Security Boot should be enabled.
  • UET MAT should be supported.
  • DEP should be supported.
  • TPM 2.0 should be enabled.
  • CPU Virtualization must be enabled.

Once these requirements are double-checked and enabled accordingly, the proper security to protect you against malware will be set up.

In this guide, we’ll go through a few of them in detail, giving you a step-by-step guide on enabling or disabling Core Isolation Memory Integrity in Windows 11.

Step 1 – Enable CPU Virtualization
CPU Virtualization is a capability of a system to simulate multiple CPUs. This is not only good for the security reasons that we are after, but also provides the system to run faster and more efficiently than as a single unit. Many who’ve been in exposure to virtual machines have experienced and used this feature to create virtual systems of different operating systems, running Windows 7 in Windows 10 or 11. Follow the steps below to enable CPU virtualization:

  • Restart your PC.
  • A screen will appear that will indicate you to press a key to enter UEFI BIOS settings.
  • Press that key.
  • Click on the Advanced tab once you enter BIOS.
  • Next, head over to the CPU Configuration.
  • If you have an Intel CPU, then enable the Intel VMX Virtualization Technology
  • However, if you have an AMD CPU, then enable the SVM Mode.
  • Once done, close the BIOS and save the settings.
  • Once the PC boots up, head over to the next step given below.

Step 2 – Enable Secure Boot
As mentioned before, enabling the secure boot is also needed to have that added security to protect your PC from malware. Its purpose is to detect any kind of tampering with operating system files and boot loaders and act accordingly. Follow the steps below to enable this setting through the BIOS:

  • Enter the BIOS settings.
  • Locate the Secure Boot option and turn it ON.
  • After that, save the BIOS settings and let the PC boot up. Once the boot-up is complete, move on to the next step given below.

Step 3 – Enable TPM 2.0
As mentioned earlier, this too is a necessary requirement for complete protection against ransomware. Follow the steps below to enable it:

  • Press the Win + R keys to open the Run Program.
  • Type in ‘tpm.msc’ and hit Enter.
  • Select the Status once the TPM module opens up.
  • If “TPM is ready for usage” is displayed, then there is no need to do anything else as your TPM is already enabled.
  • However, if “TPM is not supported” is displayed, then it means there is an issue with the compatibility of TPM with your system.
  • If “Compatible TPM cannot be found” is displayed, then you need to enable the TPM.

To activate TPM:

  • Enter BIOS settings.
  • Head over to the Security Tab.
  • Look for the Trusted Platform Module and set it to enabled.
  • After the procedure, continue the booting process and head to the next step below.

Step 4 – Enable Core Isolation and Memory Integrity
If you’ve correctly followed steps 1,2 and 3 before this, the following will be quick and easy.

  • Press the Win + R keys.
  • Type in ‘windowsdefender:’
  • Press Ctrl + Shift + Enter to get to Windows Defender.
  • Click on Yes.
  • Head over to the Windows Security section.
  • Under the device security, click on Go to Setting option.
  • Click on core isolation details.
  • Enable Memory Integrity as well.
  • Click Yes to grant access.

Once all of the procedure is completed, reboot your PC and see if the problem is still disturbing you or not.

That is all for our Windows 11 guide with tips on enabling or disabling Core Isolation Memory Integrity. Also, see our hub for commonly occurring PC errors and their fixes if you are experiencing other errors on your PC or video games.

Leave a Reply