DescentBB

So, leave Off or turn On? Leave Disabled or set to Enabled?

My crude understanding is that this is off by default because otherwise it breaks lots of programs and drivers.

Any perspectives?

No takers, huh.

Chatgpt...

Core Isolation and Memory Integrity are security features in Windows 10 and Windows 11 that provide an added layer of protection against malware and other security threats by utilizing the virtualization-based security capabilities of modern CPUs. Here's a brief explanation:

1. **Core Isolation**: This provides a secure area of the processor where sensitive tasks can run, isolated from the rest of the operating system. It reduces the risk of malicious code running at the kernel level.

2. **Memory Integrity**: It's a feature within Core Isolation. Memory Integrity ensures that malicious software on the OS can't tamper with the running kernel by marking certain areas of memory as read-only.

Regarding your question of "On vs. Off" and "Enabled vs. Disabled":

- **Advantages of turning it ON/Enabled**:
- Enhanced security against sophisticated attacks.
- Protection from malware that tries to tamper with the kernel.

- **Disadvantages of turning it ON/Enabled**:
- Compatibility issues: As you mentioned, some older drivers or software might not work correctly. This is especially true for non-official or outdated drivers.
- Performance overhead: While it's generally minimal, there is a slight performance cost associated with this added layer of security.

Given these considerations:

- If you're running a modern system with up-to-date drivers and software, and you prioritize security, then consider turning it ON.

- If you're having compatibility issues, experiencing system instability, or using older software/drivers that are essential for your tasks, you might want to leave it OFF until those components are updated to be compatible with these security features.

As with many things in IT, the decision comes down to a trade-off between security and compatibility/performance. Always make sure to backup essential data before making significant system changes and test the functionality of crucial software and drivers after enabling such features.

That being said, windows 11 for the last couple of months, did a have a bug that erroneously warned about Core Isolation being disabled

Or I could just leave it off til Microsoft fixes their shi... er, stuff. Why is it my job to beta test Microsoft's latest attempt to "help" me?