Secure Windows 10/11: Turn On Core Isolation (Memory Integrity) + Fix Driver Blocks

Secure Windows 10/11: Turn On Core Isolation (Memory Integrity) + Fix Driver Blocks​

Difficulty: Intermediate | Time Required: 15 minutes
Core Isolation’s Memory integrity feature (also called HVCI – Hypervisor-Protected Code Integrity) adds an extra security layer that helps prevent malicious or unsigned code from running in the Windows kernel. This is important because kernel-level threats (rootkits, vulnerable drivers, certain ransomware techniques) can bypass many traditional protections.
On some PCs, turning it on fails because Windows detects incompatible or vulnerable drivers. This tutorial shows you how to enable Memory integrity safely—and how to identify and fix the “driver blocks” that prevent it.

---

Prerequisites​

Before you begin:

• Windows 10 (version 1903+) or Windows 11
  • Windows 11 supports this broadly; Windows 10 needs a relatively modern build.
• Admin account access
• A few minutes for a restart
• Recommended (not required, but smart):
  • Create a restore point (driver changes can occasionally cause issues)
  • Have your device/vendor support page handy (for updated drivers)

Create a Restore Point (recommended)​

1. Press Start, type Create a restore point, and open it.
2. Select your System drive (usually C → Configure (if needed) → turn on protection.
3. Click Create…, name it (e.g., Before enabling Memory Integrity), then Create.

---

Step-by-Step: Turn On Core Isolation (Memory Integrity)​

Step 1: Open Windows Security​

1. Press Windows + I to open Settings.
2. Go to:
   • Windows 11: Privacy & security → Windows Security
   • Windows 10: Update & Security → Windows Security
3. Click Open Windows Security.

Step 2: Navigate to Core Isolation​

1. In Windows Security, click Device security.
2. Under Core isolation, click Core isolation details.

Step 3: Enable Memory integrity​

1. Toggle Memory integrity to On.
2. If prompted, click Restart.

If it switches on successfully: you’re done—skip to the Tips section for best practices.
If you see a message like “Memory integrity can’t be turned on” due to incompatible drivers, continue below.

---

Fix Driver Blocks (Most Common Reason It Won’t Enable)​

When Windows blocks Memory integrity, it’s usually because a driver is:

• too old
• not HVCI-compatible
• known vulnerable
• installed by older hardware utilities, legacy VPNs, outdated anti-cheat, virtual drive software, etc.

Step 4: View the blocked drivers list​

1. Go back to Windows Security → Device security → Core isolation details.
2. Under the Memory integrity message, look for Review incompatible drivers (wording can vary).
3. Note the driver file name (commonly .sys) and any publisher info shown.

Tip: Write down the exact filenames (example: olddriver.sys). You’ll use them to locate what installed them.

---

Step-by-Step Fix Options (Use the Least Disruptive First)​

Step 5: Update Windows fully (quick win)​

Sometimes Windows Update delivers newer compatible drivers.

1. Settings → Windows Update
2. Click Check for updates
3. Also check:
   • Advanced options → Optional updates → Driver updates
4. Install updates, then restart.

Go back and try enabling Memory integrity again.

---

Step 6: Update the driver from the PC or device manufacturer​

If Windows names a driver but doesn’t automatically update it, get a newer version directly.

1. Identify the hardware/software tied to the driver:
   • If the blocked driver looks like a chipset/storage/network driver, start with your PC/motherboard vendor.
2. Download and install updated drivers from:
   • Your laptop/desktop manufacturer (Dell/HP/Lenovo/ASUS/Acer/MSI, etc.)
   • Your motherboard vendor (ASUS/Gigabyte/MSI/ASRock)
   • Or the component vendor (Intel/AMD/NVIDIA/Realtek, etc.)
3. Restart.
4. Try enabling Memory integrity again.

Warning: Avoid “driver download” sites and driver-pack installers. Stick to official sources or Windows Update.

---

Step 7: If the driver belongs to an app, update or uninstall the app​

Many blocked .sys drivers come from older utilities.

1. Press Windows + I → Apps
2. Find likely candidates (examples):
   • old VPN clients
   • legacy antivirus remnants
   • RGB/overclock utilities
   • virtual drive tools
   • older hardware monitoring tools
3. Choose Update (if available) or Uninstall
4. Restart and try again.

Note: If you still need the program, reinstall the latest version after turning on Memory integrity.

---

Step 8: Locate what the .sys file is tied to (advanced but useful)​

If Windows only shows a filename and you don’t recognize it:

1. Press Windows + X → Terminal (Admin) or Command Prompt (Admin)
2. Run:
   pnputil /enum-drivers
3. Look for entries with Published Name (like oem23.inf) and compare Driver Package Provider / Class / Original Name.
   This list can be long—use the Windows Terminal search (Ctrl+F) for a clue (vendor name, or part of the filename if shown in Windows Security).

You can also check the driver file on disk:

1. Navigate to C:\Windows\System32\drivers
2. Find the blocked .sys file
3. Right-click → Properties → Details (often shows product/vendor)

Tip: Once you identify the related software/hardware, updating or removing that package is usually the cleanest solution.

---

Step 9 (Use with caution): Remove an old driver package (last resort)​

Only do this if you’re confident the driver is not required (or you have an updated replacement).

1. Open Terminal (Admin)
2. Remove the driver package (requires the INF name like oem23.inf):
   pnputil /delete-driver oem23.inf /uninstall /force
3. Restart and attempt to enable Memory integrity again.

Warning: Removing the wrong driver can break hardware functionality (network, storage, input devices). If unsure, stop and ask on the forum with the driver filename and your PC model.

---

Verify Memory Integrity Is Enabled​

Step 10: Confirm the setting​

1. Open Windows Security → Device security → Core isolation details
2. Confirm Memory integrity = On

Optional verification:

• System Information
  1. Press Windows + R, type msinfo32, press Enter
  2. Look for virtualization/security-related lines (availability varies by system)

---

Tips & Troubleshooting Notes​

Performance and compatibility notes​

• Memory integrity can slightly affect performance on some systems, but on modern CPUs it’s usually minimal.
• Some older drivers (especially legacy gaming peripherals, old audio interfaces, certain virtualization tools) may never become compatible.

If the toggle keeps turning off​

• Ensure Windows is fully updated
• Update BIOS/UEFI firmware (from your manufacturer) if you have stability or virtualization-related issues
• Check if you’re using third-party virtualization/security software that conflicts (rare, but possible)

“My hardware doesn’t support it”​

• Most Windows 11-capable PCs support the necessary virtualization features, but they must be enabled in firmware:
  • Intel VT-x / VT-d or AMD-V / SVM
• If Memory integrity options are missing or greyed out, check UEFI/BIOS settings and update firmware.

If you get a BSOD after changing drivers​

• Boot into Safe Mode
• Use System Restore (the restore point you created)
• Reinstall a stable driver version from the vendor

---

Conclusion​

Enabling Core Isolation (Memory integrity) is one of the most meaningful security upgrades you can apply on Windows 10/11, because it helps protect the most sensitive part of the operating system—the kernel—from untrusted or vulnerable code. If drivers block it, the fix is usually straightforward: update or remove outdated driver packages and keep your system current.
Key Takeaways:

• Memory integrity (HVCI) helps prevent malicious code from running in the Windows kernel.
• Driver blocks are common and typically solved by updating drivers via Windows Update or the device manufacturer.
• Uninstalling outdated utilities and removing legacy drivers can restore compatibility.
• Creating a restore point first makes troubleshooting safe and reversible.

---

This tutorial was generated to help WindowsForum.com users get the most out of their Windows experience.