Share via

Kernel-mode Hardware-enforced Stack Protection and Memory Integrity is off

Anonymous
2023-04-18T11:27:19+00:00

So I was using my computer as always and found that ! in my windows security. Then, it was only the kernel-mode thing that is off, memory integrity was still on. I tried turning the latter on but no luck. Says "Resolve any driver incompatibilities and scan again". I scanned a few times but still no luck. I clicked on "Review incompatible drivers" and there was none. I then tried turning Memory integrity off and then on again to see if it would work and now I'm stuck with both of them off. As with the kernel-mode, memory integrity is in the same fate and I have to enable MI to turn kernel-mode on. I tried turning "Virtual machine platform" and "Windows Hypervisor Platform" as per some advice on the Internet but it still wasn't working. I figured I would ask on here just to be safe.

P/s: There was no "incompatible" drivers when I click on the review so I have no clue where to begin with

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments

8 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2023-04-18T12:19:25+00:00

    Hello,

    My name is Nada I'm here to help you.

    I'm sorry that you are experiencing this issue, and I will try my best to assist you.

    Since you cannot see the drivers, please click on your Start menu and type Command prompt then right-click on it and select Run as administrator. Copy and paste the command below and hit on Enter:

    dism /online /get-drivers /format:table

    Once it gave you the list of drivers, find the Published Name that has the issue. (an example is oem25.inf). Now, kindly uninstall it using the command below:

    pnputil /delete-driver oem25.inf /uninstall /force

    Note: Please rename the oem25.inf depending on the drivers you see from your end.

    If the steps above did not help, let us try to refresh Windows Defender by going to registry HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender then delete the "Windows Defender" folder.

    Let me know if this helps!

    0 comments
  2. Anonymous
    2023-04-19T09:08:46+00:00

    How do I know which Published Name has the issue? I have oem25.inf in the list and I have "rt640x64.inf". I don't know if I should uninstall it or not. Is it the same for everyone or does it vary from device to device?

    1 person found this answer helpful.
    0 comments
  3. Anonymous
    2023-04-19T09:51:08+00:00

    Can you send a screenshot of the "Review incompatible drivers" page? If no drivers are showing until now, then we may skip this one.

    Next, we have to reset Windows Security. To do so, go to Settings > Apps > Apps and features/Installed apps > look for Windows Security > Advanced options > Reset.

    Then, we need to do is to force enable memory integrity from Registry. Click on the Start menu and type REGEDIT and open it.

    Navigate to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity

    Double-click the "Enabled" key and change its Value data to "1".

    Lastly, let us perform a clean boot. Please press on the Windows key and R at the same time and type MSCONFIG to open the System configuration window. Once opened, go to the "Services" tab.

    Once you're there, check on the box that says, "Hide all Microsoft services" at the bottom of the page then click "Disable all" then hit on Apply then OK. Restart the device and check if you can already turn the options ON.

    Don't hesitate to contact back if you need further help.

    0 comments
  4. Anonymous
    2023-04-19T11:20:30+00:00

    These are the images of Core isolation before I used the fix.

    These are the results of your fix

    Somehow, it is now managed by my organization although I'm not in any organization though that probably doesn't matter much. So Memory Integrity is on but Kernel-mode isn't. I'm back to how things were before I turned off Core isolation. Also, could I turn those service on now? I'm about to use some apps and I don't know whether turning those on would turn the service off again.

    3 people found this answer helpful.
    0 comments
  5. Anonymous
    2023-04-19T11:50:48+00:00

    You just did registry edits without understanding what you were actually editing? Your organization is you, just one of the many seperate versions of you that your PC creates for whatever reason Windows does (i.e. Admin, user, device owner, etc etc. Those are all you but not always "you" in regards to the permissions needed to run a program or view a file or whathaveyou.

    Hopefully you made a backup before trying these steps? Go ahead and revert back to that and then use your apps and internet, just be careful not to click sus links or goto sus sites. If you didnt make a backup, do what you did in reverse. For this part: "Navigate to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity

    Double-click the "Enabled" key and change its Value data to '1'." <--- Change this '1' into a '0', then restart your PC. You'll be back to the screenshot prior to the attempted fix.

    I am having the same issue myself, I strongly suspect it's NVidia's fault, My fix is to get rid of the latest and greatest nvidia driver and stick with what the manufacturer of the motherboard recommends.

    *I am just some dude on the internet please don't do anything I recommend without first understanding why I recommended it, I am not liable for any loss or damages, you do this at your own risk, blahblah consent, blahblah im not an affiliate, blahblah other legal protections and dont forget to smash that like button and subscribe*

    2 people found this answer helpful.
    0 comments