What is Virtualization Based Security (VBS) and Hypervisor Enforced Code Integrity (HVCI)?
Memory integrity is a powerful system mitigation that leverages hardware virtualization and the Windows Hyper-V hypervisor to protect Windows kernel-mode processes against the injection and execution of malicious or unverified code. Code integrity validation is performed in a secure environment that is resistant to attack from malicious software, and page permissions for kernel mode are set and maintained by the Hyper-V hypervisor. Memory integrity helps block many types of malware from running on computers that run Windows 10 and Windows Server 2016.
Windows 10 includes a set of hardware and OS technologies that, when configured together, allow enterprises to "lock down" Windows systems so they operate with many of the properties of mobile devices. In this configuration, specific technologies work together to restrict devices to only run authorized apps by using a feature called configurable code integrity (CI), while simultaneously hardening the OS against kernel memory attacks through the use of virtualization-based protection of code integrity (more specifically, HVCI). Please click here for reference and more details.
Virtualization Based Security (VBS) and Hypervisor Enforced Code Integrity (HVCI) protect Windows from compromise by bad drivers and malicious system files. Windows devices everywhere will soon be protected by VBS and HVCI. In this quest, Windows users can enable HVCI on desktop devices to protect them from malicious apps and files, and provide feedback about any impact HVCI has on Windows’ function and performance.
How to Enable (HVCI)?
Launch the "Windows Security" app.
Search for Windows Security
Navigate to "Device Security"
Click on "Core isolation details"
Enable HVCI - Click to toggle "Memory integrity" to "On"
If the toggle is Off and reads "This setting is managed by your administrator" then this quest will not work for you.
There will be prompt from Device Security to Restart. Restart to apply these protection changes.
Windows Insider Lab for Enterprise has Quests published that you can use to follow the steps to tryout and assess HVCI as well as many other new Windows 10 Enterprise and Security features. Are you a Windows Insider Interested in joining Windows Insider Lab for Enterprise? It's easy - just fill out the survey at https://aka.ms/RegisterOlympia