Core Isolation (Memory Integrity) is an option in Windows Security (Defender) that helps prevent cyber attacks on your computer. In Windows 10 and 11, supported hardware can use virtualization to protect the operating system and your PC from malicious code. It does this by isolating specific processes in the PC’s memory.
In this guide, I’ll show you how to enable and disable it on Windows 10 and 11 computers.
- How To Enable/Disable Core Isolation In Windows 10 & 11.
- How To Enable Virtualisation.
- Core Isolation And Performance.
- Should You Enable Or Disable Core Isolation.
How To Enable/Disable Core Isolation In Windows 10 & 11.
Core Isolation is a feature of Windows Security. To check whether it’s enabled or disabled, open Windows Security by clicking the Start button and then typing
Left-click on “Core Isolation (System Settings), which appears at the top of the search results.
Memory Integrity Toggle Switch.
You can enable or disable Core Isolation by clicking the Memory Integrity toggle switch to on or off.
Core Isolation (Memory Integrity) Not Available.
To enable Core Isolation on your computer, click the Memory Integrity toggle switch to ON. When you do that, you’ll need to restart your computer. You’ll also need to click the Yes button for one or two UAC popups.
When your computer has restarted check to see if Memory Isolation is indeed turned on. You may well find that it’s still turned off. That happens when Core Isolation isn’t available on your machine, or at least under the current configuration of your machine.
How To Enable Virtualisation.
Virtualization has to be enabled within the UEFI (BIOS) of your computer motherboard. Although it’s not difficult to do, simply a matter of clicking a button to enable it, finding that button can be a real chore.
There just isn’t any sort of standardization amongst the various motherboard and system manufacturers about how they lay out the UEFI that they’re using. They are all different. And as ever, they often use different terms for the same things.
Intel & AMD Systems.
If you have an Intel CPU then you should search through the various menus and find and enable Intel VTX and Intel VTD.
On an AMD system, enable AMD-SVM and AMD-IOMMU.
You’ll probably find these settings under the Advanced menu, sometimes under the CPU options sub-menu. But I can’t be more specific than that, it all depends on your own system.
How To Access Your Computer UEFI (BIOS).
The easiest way to enter the UEFI (BIOS) of your computer is through Windows itself. Click the Start button and type
Left-click Change Advanced Start-Up Options (System Settings).
In Windows 10 – Under the Advanced Start-up section, click the Restart Now button.
In Windows 11 – Under the Recovery Options section, click the Restart Now button.
After your computer restarts, you’ll need to go through 3 screens (or pages) to access your computer BIOS.
Choose An Option – Click the Troubleshoot option.
Troubleshoot – Click the Advanced Options.
Advanced Options – Click the UEFI Firmware Settings option.
Your computer will restart and enter the UEFI/BIOS.
Once you’ve found and enabled virtualization on your computer, restart it and then enable Core Isolation (Memory Integrity) again. This time it should remain enabled after the restart.
Core Isolation And Performance.
Enabling Core Isolation on your computer will adversely affect your computer’s performance. Your computer will boot up (start) a little slower than it did before and some applications will take a few moments longer to load.
Exactly how much the performance of your particular computer will be affected will vary considerably. It all really depends on your machine and how you use it. I’ve seen estimates quoting a performance hit of between 2% and 7%.
However the real test is whether or not you, on your home computer, you can actually notice the hit. Does it affect what your doing, how your working or playing? And can you live it?
Should You Enable Or Disable Core Isolation.
The underlying technology behind Core Isolation will improve over time. Hardware will catch up and negate the performance issues that having it enabled currently produces.
But that’s for the future, what about right now? Well the only person who can answer that question is you.
If you’ve bought a Windows 11 computer recently, then Core Isolation will almost certainly be turned on by default. If you’re reasonably happy with your computer, then personally, I’d leave it enabled. The security benefits it brings are becoming ever more important.
However if you want, or need, to get a little more from your machine, then try disabling it. You might be pleasantly surpried at the extra little boost your computer receives. Bear in mind that you’re turning off an important security feature, so test thoroughly to make sure you really are gaining on performance.
For everyone else, then Core Isolation (Memory Integrity) probably won’t be enabled by default. If you turn it on, you may or may not notice the difference. And if you do notice it, then by how much? Can you live with it? Is it workable? Or is it slowing down an already slow machine?