do not enable 'kernel-mode hardware-enforced stack-protection'
or use another kernel altogether.
If already enabled for any significant time, reinstall OS.
Verify integrity of backed up data if possible.
Kernel-mode hardware-enforced stack-protection causing calculation errors in some apps
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 83%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Al1
0
Reputation points
This is more of a posting of information, in case it helps anyone else get started on finding the cause of issues they are having. That said they will need to do their own investigation, its just to alert. This is not a request for assistance.
'Kernel-mode hardware-enforced stack-protection' has been causing me calculation errors in some apps.
Interestingly, and frankly suspiciously, even though this is now a feature that has been around some time, this was unavailable as a feature on first install of OS, only becoming available with an update. Why would a kernel level feature suddenly disappear from an OS install an need an update to reenable its availability?
I've been having self tests on a high load maths application failing. We are talking failures with a consistency of at best after about 4 minutes of load before failure seen.
Mass file copy application hash checks have been failing.
It should be noted that 'this' could be a fault in the software. Its absence is not as easily tested after disabling stack protection. But the issue now is confidence.
Then when I manually inspect hashes of each file one by one, that file is fine. It should be noted that this does not mean that other files were not actually corrupted, only that on those occasions the failures were in the processing the hashes or processing their comparison.
Disable the stack protection feature, and all problems with the maths app go away, can run at load for hours and counting no problems. I am frankly quite suspicious that this established feature was unavailable on first install.
There are absolutely no errors in events logs.
I have had to waste a huge amount of time recently because of a plethora of problems forced on me by the way that as a customer of Windows I am no longer able to make any kind of choice as to how to mitigate various change risks, as used to be a given.
For a range of my own reasons I am quite deliberately not providing more detail here. Anyone concerned will have to formulate their own testing.
I don't expect so as this is not the forum for such matters but if Microsoft want more information on this matter, it will need to be by some verifiable means other than this public forum, such as DM me or contact this account. Information from me shouldn't be necessary however. Either this is an actual fault with my hardware, or my results can be easily produced with minimum of professional diligence.
Windows for business | Windows 365 Business
2 answers
Sort by: Most helpful
-
Al1 0 Reputation points
2025-11-19T15:02:54.0166667+00:00 -
AI answer
2025-11-19T14:56:46.34+00:00 Kernel-mode hardware-enforced stack protection is designed to enhance security by preventing control-flow hijacking through the use of shadow stacks. However, it can lead to compatibility issues with certain applications, particularly those that rely on specific floating-point operations or have not been optimized for this feature.
The calculation errors you are experiencing in high-load mathematical applications and file copy operations may be related to how these applications interact with the hardware-enforced stack protection. If the applications are not designed to handle the constraints imposed by this feature, it could result in unexpected behavior, such as the calculation errors and hash check failures you've noted.
Regarding your observation that this feature was not available on the initial OS installation but became available after an update, it's common for certain security features to be rolled out progressively or to require specific hardware support that may not be present in all initial installations. This could explain why it was not enabled initially and later became available after updates.
If disabling the feature resolves your issues, it may indicate that the applications you are using are indeed incompatible with the hardware-enforced stack protection. You may want to reach out to the application developers for further assistance or check if there are updates or patches available that improve compatibility with this security feature.
References:
AI-generated content may be incorrect. Read our transparency notes for more information.