Jump to content

Hardware Virtualization security features. Safe money, or other features? Compare to Windows Memory Integrity?


Go to solution Solved by Igor Kurzin,

Recommended Posts

Posted

Hello, I’m using Kaspersky Free 20.0.14.1085 (I) and databases are up to date.
Windows 10 Home v2004 build19041.508 exp120.2212.31.0

I have questions regarding the use of hardware acceleration for Kaspersky security features.
As far as I know, it only affects the safe money feature based on https://support.kaspersky.com/common/safemoney/13713?cid=KIS_20.0, but still not sure… and I’m planning to upgrade my Kaspersky anytime soon.
Question 1 is there any other Kaspersky security feature(s) that need hardware acceleration beside Safe Money (up to Total Security)?

I’m currently using hardware acceleration for Windows Security features (Core Isolation - Memory Integrity) thus can’t be used for Kaspersky security feature(s).
It said “Hardware virtualization not available…” after I switch Memory Integrity on.
Question 2 Are there any Kaspersky security feature(s) (up to Total Security) that have a similar function as the Windows Memory Integrity feature or at least provide a similar level of protection?

I’ve searched the Knowledge Base and can’t find a sufficient answer for me.

Thanks in advance.

  • 2 weeks later...
Posted

Update: I’ve bought KTS and it seems all features linked to hardware virtualization are working properly despite the warning message in the KTS setting.
It look like Kaspersky AV does support Hyper-V so I could use security features alongside Windows Core Isolation-Memory Integrity like BlueStack version for Hyper-V enabled devices.

  • Solution
Posted

Hi @Il.Za , 

Hardware acceleration is also used by System Watcher in certain scenarios. 

“Memory integrity is a feature of Windows that ensures code running in the Windows kernel is securely designed and trustworthy. It uses hardware virtualization and Hyper-V to protect Windows kernel-mode processes from the injection and execution of malicious or unverified code.”

Kaspersky products definitely protect from the injection and execution of malicious or unverified code with the help of File Anti-Virus, System Watcher and Application Control. 

Regards,

Igor

Posted

Thanks for your answer @Igor Kurzin. I still need advice, should I keep Memory Integrity on or switch it off?

From my finding:

When these features are enabled, Windows uses hardware virtualization features to create a secure area of system memory that’s isolated from the normal operating system. Windows can run system processes and security software in this secure area. This protects important operating system processes from being tampered with by anything running outside the secure area.

Is this Windows Memory Integrity Feature still necessary and will give a quite substantial benefit?

Especially when enabled simultaneously with KTS features with the same goal of protecting from the injection and execution of malicious or unverified code (using File Anti-Virus, System Watcher, and Application Control).

I think it will give an additional layer of security by creating a secure isolated area of system memory with help of hardware-based virtualization, but I have a concern if it could disrupt Kaspersky security components effectiveness like (at least) increasing system load and up to couldn’t access ‘secure area’ created by this Windows security feature.

I think I had no Kaspersky app security error/warning notification which is related to enabling Memory Integrity so far.

Posted

You are most welcome @Il.Za 

If there are no performance issures or any other conflicts induced by enabled Windows Memory Integrity Feature, you can enable it for an additional layer of security. 

Posted

You are most welcome @Il.Za 

Answering your question: 

 I still need advice, should I keep Memory Integrity on or switch it off?

 

As you found out, the enabled Windows Memory Integrity Feature disables usage of hardware virtualization in Kaspersky and as you know and as written in the article, this reduces the capabilities of Protected Browser to protect the user against some complex threats.

On the other hand, Windows Memory Integrity is a feature that adds a layer of protection. The decision is up to you. We recommend enabling hardware virtualization to use Kaspersky features for additional protection. 

 

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...