Module Name
Secure Kernel Code Integrity (skci.dll) in Microsoft Windows 10 Enterprise, Windows 10 Enterprise LTSB
Historical Reason
Moved to historical list due to dependency on certificate #2604
Caveat
When operated in FIPS mode with the module Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #2604 operating in FIPS mode or Code Integrity (ci.dll) in Microsoft Windows Enterprise LTSB under Cert. #3437 operating in FIPS mode
Security Level Exceptions
- Physical Security: N/A
- Design Assurance: Level 2
Embodiment
Multi-Chip Stand Alone
Description
Secure Kernel Code Integrity (SKCI) running in the Virtual Secure Mode (VSM) of the Hyper-V hypervisor will only grant execute access to physical pages in the kernel that have been successfully verified. Executable pages will not have write permission outside of Hyper-V. Therefore, only verified code can be executed.
Tested Configuration(s)
- Windows 10 Enterprise (x64) running on a HP Compaq Pro 6305 with PAA [1][3]
- Windows 10 Enterprise (x64) running on a Microsoft Surface 3 with PAA [1][3]
- Windows 10 Enterprise (x64) running on a Microsoft Surface Book with PAA [3]
- Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 2 with PAA [1][3]
- Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 3 with PAA [1][3]
- Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 4 with PAA [3]
- Windows 10 Enterprise (x64) running on a Microsoft Surface Pro with PAA [1][3]
- Windows 10 Enterprise (x86) running on a Dell Inspiron 660s without PAA [1][3]
- Windows 10 Enterprise LTSB (x64) running on a Dell XPS 8700 with PAA [1][2]
- Windows 10 Enterprise LTSB (x64) running on a HP Compaq Pro 6305 with PAA [1][2]
- Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface 3 with PAA [2]
- Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro 2 with PAA [2]
- Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro 3 with PAA [2]
- Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro with PAA [2] (single-user mode)
- Windows 10 Enterprise LTSB (x86) running on a Dell Inspiron 660s without PAA [1][2]
Software Versions
10.0.10240 [1], 10.0.10240.17643 [2], 10.0.10586 [3]