Dec 29 2019 08:40 AM - edited Aug 25 2023 11:53 PM
This is an old post and the issue is no longer relevant.
This has been happening since a couple of builds ago as well.
I turn on the Memory Integrity in Core isolation section of Windows Defender, then after a restart or two, I go check again and see it's turned off.
it usually happens when I uninstall a program that needs to be restarted. but it also happens when I uninstall a software that does Not need Windows restart to finish uninstall process.
Jul 14 2022 01:35 PM
Jul 30 2022 02:52 AM
In my case, the machine seems fully compromised; and even if no performance degradation, no strange attitudes (except for the one in subject), no loss of documents or other occurrences happens, I have tons of duplicated Microsoft drivers loaded on boot, to keep the state of the things "as is".
I mean:
- Different BIOS
- A section "Firmware" (brand new) in Device Manager that's related to another machine to keep the fake BIOS "as is"
- Intel i7 Microcode (sixth generation - Skylake) altered
and I could go on and on and on. (I attached a couple of meaningful screenshots).
Anyway, I don't think to be fully in the hands of a "Spectre" variant.
Some of these things may be the consequence of my studies/experiments with Azure/Intune/Defender Endpoint Protection, that now "administer" some parts of my own identity and hardware security.
The Microcode, Firmware, UEFI and "Secure Boot" failures are great problems for all the brands that adopted UEFI boot instead of MBR BIOS.
I have a couple of 2008 "Core Duo" with 8 GB DDR2 RAM that are my safe docks (just in case we're in front of a foreign deliberated Warfare ACT).
A couple of links among the many:
NVD - CVE-2022-25368 (nist.gov)
New Variant of Spectre Attack Bypasses Intel and Arm Hardware Mitigations | SecurityWeek.Com
AMD Product Security | AMD
Microsoft offers a 100,000 $ bounty for further info and solutions on these matters
Aug 25 2023 01:18 PM
Aug 26 2023 12:57 AM
Aug 26 2023 02:42 AM
KB5029351 - this is a preview, so your computer is a private device, I really think that you do not have to fear anything, moreover, if you enable the memory integrity and do not restart - then definitely changing the settings will not start, so you only waste time!