Forum Discussion
Chris Riggs
Microsoft
Mar 02, 2018
Windows Defender System Guard: Making a leap forward in platform security with memory integrity
Windows Defender System Guard: Making a leap forward in platform security with Memory integrity in Core isolation (VBS)
The escalating sophistication of cyberattacks is marked by the increased ...
HJPoley
May 11, 2018
Copper Contributor
It would be nice if after enabling Memory Integrity in Core Isolation, the BSOD 'SYSTEM_THREAD_EXCEPTION_NOT_HANDLED' mentioned which driver tried to write to a memory page.
When booted in regular old "non-integrity" mode, the `Device Guard and Credential Guard hardware readiness tool` does not show any driver with executable pages on my system. This makes it hard to track down the offending driver. At this early point Windows does not write any BSOD error report to disk.
Edit: Hmm, I managed to enable a tiny bit more error reporting on screen. Now to figure out what it means (with address randomization it probably means almost nothing):
0xFFFFFFFFC0000096
0xFFFFF803ED88F08F
0xFFFFED0CB7C067E8
0xFFFFED0CB7C06030