- DETECTION:
How can we detect RELIABLY whether Core Isolation (aka Code Integrity/Memory Integrity) is enabled or not ?
What is the reliable and complete way to check.
Yes, we can detect through the registry. However, how do we make sure that every possible avenue has been checked i.e. could be enabled/disabled
through BIOS, or Group Policy or in Device Security through the Settings in UI?
- DISABLING THE CORE ISOLATION (aka CODE INTEGRITY / MEMORY INTEGRITY):
Is there a PROGRAMMATIC way to
DISABLE CORE ISOLATION (aka CODE INTEGRITY / MEMORY INTEGRITY ) ?
What we are asking is that:
Are there any programmatic ways to DISABLE the Core Isolation (aka Code Integrity/Memory Integrity) ?
Using either C++, Powershell, WMI or other application programming interfaces?