Share via

Memory Integrity

Lol no 5 Reputation points
2026-03-06T06:28:01.23+00:00

When I open up core isolation to turn on my memory integrity the memory integrity part isn't there and all the other solutions i've tried haven't worked.

Windows for home | Windows 11 | Performance and system failures
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ramesh Srinivasan 77,800 Reputation points Independent Advisor
    2026-03-06T09:58:27.0066667+00:00

    Hi, This is Ramesh.

    If the Memory integrity option is missing in Windows Security, hardware virtualization may have been turned off in your UEFI settings or using group policy.

    1. Please run msinfo32.exe and click System Summary. Resize the columns in the right pane to make the entries visible, and post a screenshot.
    2. Open PowerShell admin and run the command get-appxpackage *sechealth* -allusers. Copy the output and post it in your reply.
    0 comments
  2. Q&A Assist
    2026-03-06T06:28:17.4266667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    On Windows 11, the Memory integrity toggle is part of Core isolation in the Windows Security app. If the Memory integrity control is missing entirely, use these checks and alternatives:

    1. Verify hardware/firmware support Memory integrity (HVCI) requires hardware virtualization enabled in UEFI/BIOS. If the device or firmware does not support virtualization-based security (VBS), the Memory integrity option may not appear.
    2. Check Core isolation and device security Open Windows SecurityDevice securityCore isolation details. On supported systems, Memory integrity appears here and can be turned on or off. If it does not appear, the device may not meet VBS requirements or OEM/administrator configuration may have disabled it.
    3. Confirm state via System Information (msinfo32) Run msinfo32 and check Virtualization-based security Services Running. If it lists Hypervisor enforced Code Integrity, Memory integrity is already enabled even if the toggle is not visible.
    4. Check registry state Administrators/OEMs can control Memory integrity via registry:
    • HKLM\System\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity (for example, Enabled, WasEnabledBy, EnabledBootId).
    • HKLM\System\CurrentControlSet\Control\CI\State (value HVCIEnabled indicates Memory integrity enabled). If these keys are configured by policy or OEM image, the UI control can be hidden or locked.
    1. Use policy-based enablement (if applicable) If the device is managed or if administrative tools are available, Memory integrity can be enabled without the UI:
    • Group Policy: Computer ConfigurationAdministrative TemplatesSystemDevice GuardTurn on Virtualization Based Security → set Enabled, then under Virtualization Based Protection of Code Integrity choose Enabled without UEFI lock. Apply and reboot.
    • Intune / CSP: Use the Virtualization Based Technology > Hypervisor Enforced Code Integrity setting in the Intune settings catalog, or the HypervisorEnforcedCodeIntegrity node in the VirtualizationBasedTechnology CSP.
    1. Check for driver or compatibility issues If Memory integrity is blocked by incompatible drivers, the Core isolation page normally shows that. If the toggle is missing but VBS is disabled, check:
    • Event Viewer → Applications and Service Logs\Microsoft\Windows\CodeIntegrity\Operational for EventID 3087.
    • setupact.log for HVCI entries indicating compatibility problems.

    If none of these paths show Memory integrity and VBS is not running, the device likely does not meet the requirements for Memory integrity, or it has been disabled/hidden by OEM or management policy.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.