Question Windows 10's "core isolation" / "memory integrity" feature

May 19, 2011
12,461
463
126
#1
Aug 25, 2001
43,790
592
126
#2
I'm running 1809 64-bit Pro, and it says that I don't even meet "Standard Hardware Security", two of which required items are TPM 2.0, and Secure Boot. I think that my Ryzen R5 1600 CPU supports TPM built-in, but I don't have Secure Boot enabled.

So, it looks like you need those features, at a minimum, before you can even THINK of enabling the additional security layers that you are describing. Oh well. I like being able to access my BIOS by a hotkey during boot. (Disabled in Secure Boot mode.)
 
May 19, 2011
12,461
463
126
#3
Interesting. Z97 board here, and it gives me the memory isolation option. It adds a good 5 seconds to the boot cycle though before the circular progress bit starts.

I have UEFI enabled but secure boot disabled due to Linux.
 

Iron Woode

Super Moderator
Super Moderator
Oct 10, 1999
23,597
183
126
#4
memory isolation is working on my system in my sig.
 

kjboughton

Senior member
Dec 19, 2007
330
7
116
#5
I'm running 1809 64-bit Pro, and it says that I don't even meet "Standard Hardware Security", two of which required items are TPM 2.0, and Secure Boot. I think that my Ryzen R5 1600 CPU supports TPM built-in, but I don't have Secure Boot enabled.

So, it looks like you need those features, at a minimum, before you can even THINK of enabling the additional security layers that you are describing. Oh well. I like being able to access my BIOS by a hotkey during boot. (Disabled in Secure Boot mode.)
Ha. Secure boot has no effect after transferring control to OS. That MS would make dependent on this “feature” further “security” capabilities is a testament to their herding ability. Essentially secure boot turns your system into a hardened boot-loader just like all those Apple, Android phones etc that you are forced to unlocked and “jail break” if you want proper control. MS are walking the other direction now and want that for your desktop “experience.” Today, optional. In th future, mandatory (for your own protection, of course).
 

Chiefcrowe

Diamond Member
Sep 15, 2008
4,706
13
101
#6
Thanks for the heads up!
It's strange that I read a bunch of articles on this new Win 10 and this never came up until now. Perhaps they are still not quite ready for people to start using it - that's what it seems like to me.

I tried to enable it but it didn't stay enabled after restarting - probably because I use Hyper-V. I didn't see anything specifically on Hyper-V not working with it, but it would be nice if they clarified...
 

Similar threads



ASK THE COMMUNITY

TRENDING THREADS