A built-in feature of Windows 10 is the ability to isolate the kernel. What this means in practice is that critical processes run in a virtual environment, all designed to prevent malicious code from being smuggled into system processes under any circumstances. To use this protection, you need a compatible motherboard and an Intel or AMD processor that is also prepared to run in a virtual environment. The main concern with processors is to ensure that the integrity of registers is not compromised – we have seen examples in the past of this being a cause for concern.
If you want to isolate the kernel, you must also make the appropriate system settings. Open Settings, then select Update & Security | Windows Security | Device Security. Click on the Core Isolation Details and then set the switch under Memory Integrity to On. Windows will then automatically check if the hardware in your computer supports this feature. If there are no problems, the core isolation will become active. If it fails to turn on, the most common cause is an old driver, so updating your driver is the first step to fix the problem. If the machine is running some rare hardware, it is more than likely that this is the cause of the problem. The core isolation function is activated when the system is rebooted.