The security of your Windows PC is critical to its proper functioning. If the system is protected from hackers and malware and its core functionality is stable, then Windows has a secure environment to perform full functionality.
Windows has a number of security features that utilize different components to achieve this, and Memory Integrity is one of them. But these features can sometimes impact system performance, especially if they are forced on you by default.
To understand the breadth of how memory integrity works, we need to understand two other features related to it - core isolation and virtual machine platform (VMP).
When these features are turned on, Windows isolates the core decision-making processes from the rest of memory and creates a safe working environment for them.
When a program runs, Memory Integrity must verify its driver code and ensure that the installed driver is trustworthy before it can access core Windows functionality. As Microsoft itself emphasizes, this whole process is akin to security in a locked booth, where "Memory Integrity" is the security guard in an isolated environment created by "Core Isolation."
All of this increases the security of the system, and although it all happens very quickly, with so many checks, there is bound to be some impact elsewhere.
Microsoft notes that virtualization technology and memory integrity features may have some impact on performance, especially when gaming or running resource-intensive applications.
In a blog post, Microsoft stated that "in certain scenarios and in certain configurations of gaming devices, memory integrity and VMP may have an impact on performance...".
The entire process of driver verification occupies key system resources and is bound to have an impact on performance. However, it's important to note that on modern systems running Windows 11, this effect appears to be negligible when you're running day-to-day tasks. Only when running resource-hungry applications are valuable resources squeezed.
The entire set of core isolation features is an important aspect of Windows security. It is an important part of ensuring the overall security of your PC and data from malware and hackers. But the performance trade-off may not be worth it, depending on where you stand.
While the performance impact on general productivity may or may not be noticeable, when it comes to gaming it's a different story. This means that if you experience performance degradation when these features are turned on, you should probably consider disabling them before starting a game.
According to Microsoft, "Gamers who want to prioritize performance can choose to turn off these features while playing games and turn them back on when they're done. However, if turned off, the device may be vulnerable to threats ."
If you decide to turn off Memory Integrity, here are some ways to help you do so One point:
Press Start, type "Windows Security" and then press Enter.
Click Device Security in the left pane.
Under Core Isolation, click Core Isolation Details.
Here, under Memory Integrity, toggle the switch to "Off".
You will receive a Windows security notification asking you to restart your system for the changes to take effect.
To turn memory integrity back on, return to this window and switch Memory Integrity to On.
Another way to turn off memory integrity is to use Registry Editor. Here's how to do it.
Press Start, type "regedit" and press Enter.
Once the Registry Editor opens, navigate to the following address:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\ HypervisorEnforcedCodeIntegrity
Alternatively, copy and paste the above into the address bar of Registry Editor and press Enter.
Next, double-click the Enable key on the right.
#Then set its value data from "0" to "1".
Click OK.
Now close the Registry Editor and restart your PC for the changes to take effect.
To turn memory integrity back on, return this key, change the value back to "0" and click OK.
The Group Policy Editor can be used to enable or disable the entire virtualization-based security on which memory integrity depends. To do this, follow these steps:
Press Start, type "Group Policy", and then press Enter.
After the Group Policy Editor opens, click Administrative Templates under Computer Configuration in the left pane.
#Then, on the right side, double-click System.
Double-click Device Guard.
Now, double-click to turn on virtualization-based security .
Select Disable to turn it off.
Then click OK.
Now close the Group Policy Editor and restart your PC.
To turn it back on, select Enable.
#Then, under Options, click the drop-down menu for Virtualization-based Code Integrity Protection.
Select Enabled with UEFI Lock.
Finally, click OK.
Now close the Group Policy Editor and restart your PC.
For some users, simply turning on the Memory Integrity switch does not turn it on. Instead, what they get is an error message telling them that an incompatible or malicious driver is installed.
In most cases, Windows will determine exactly which driver is causing the problem. You will need to check with the device manufacturer if a compatible driver is available. If this is not the case, uninstalling the application or device linked to these drivers may resolve the issue, and you must wait until the publisher rolls out a compatible driver before you can use the application associated with it.
If uninstalling the application or device does not resolve the issue, you must uninstall the incompatible driver yourself. To do this, first, note the "Release Name" of the driver when you receive the error message.
Then, follow these steps:
Press Start, type cmd, Right-click Command Prompt and select Run as administrator.
Here, type the following command to get a list of all third-party drivers on your system:
dism /online /get-drivers / format:table
Click to enter. You will now get a list of all third-party drivers on your system, including additional information about them such as the name of the provider, release date, version, etc.
To uninstall the one causing the problem, type the following command:
pnputil /delete-driver (driver's published name) /uninstall /force
# Make sure you type the correct publication name. Otherwise, you may end up deleting running drivers and causing problems with peripherals and applications. Press Enter after entering the command.
You will now remove the problematic driver and can turn on Memory Integrity via the method given above.
Memory integrity is a key feature of Windows security because it creates another layer of security for core components running in a virtual environment. If you don't turn it on, you're basically leaving your system vulnerable to a variety of threats that can compromise not only your system, but your data as well.
That said, if you only disable it for a short period of time, such as while playing a game, it shouldn't cause much trouble as there are other Windows security features that can protect you on its behalf.
Theoretically, memory integrity will have an impact on performance. However, in real applications, you may or may not feel any performance degradation at all. You'll only experience slight slowdowns when running resource-intensive applications like games. So if you want to improve your gaming performance, you can try disabling memory integrity beforehand.
The memory integrity feature was previously turned off by default. However, Microsoft has been pushing hard for users to make this a security feature, and it has been turned on by default since the 22H2 update.
We hope you now have a better understanding of what memory integrity is, what it does, and how to turn it on or off depending on whether you want better performance or better security on Windows 11 .
The above is the detailed content of 'Windows 11 Memory Integrity is Off” Issue: How to Fix. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
