What do I have installed? Well, friends, a ton of crap, it turns out! LOL. Again, NONE of this is new and goes back as far as 2015 or earlier.
Windows 10 has a feature where drivers can use HVCI but those drivers need to be written in certain ways to ensure they have a clear separation between data and code, and can't load data files as executable, or use dynamic code in the kernel. I want to ensure that drivers I have loaded into the kernel are secure.
I clicked on Core Isolation to turn on VBS and noticed that the on/off switch was grayed out and I could scan for driver incompatibilities. Go to the Windows Security app and click Device Security. Additionally I wanted to make sure I was ready for Windows 11 whenever it arrives and adds more security features and requirements. I started digging to understand what was interesting or unique about my system that was preventing me from turning these new features on. Virtualization-based Security (VBS) isolates a secure region of memory from the rest of the OS. It's the collection of all them together, working as a team, that enhances your systems security.
Some of these technologies are quite old and have been in Windows for a while.
"Core isolation is a security feature of Microsoft Windows that protects important core processes of Windows from malicious software by isolating them in memory. According to the Microsoft Support website: