Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3651

Details

Module Name
Secure Kernel Code Integrity
Standard
FIPS 140-2
Status
Historical
 Historical Reason
Moved to historical list due to dependency on certificate #3615
Overall Level
1
Caveat
When operated in FIPS mode with module Windows OS Loader validated to FIPS 140-2 under Cert. #3615 operating in FIPS mode
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 2
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Secure Kernel Code Integrity (SKCI) running in the Virtual Secure Mode (VSM) of the Hyper-V hypervisor will only grant execute access to physical pages in the kernel that have been successfully verified. Executable pages will not have write permission outside of Hyper-V. Therefore, only verified code can be executed.
Tested Configuration(s)
  • Azure Data Box Edge (x64) running on a Microsoft Azure Data Box with an Intel Xeon Silver without PAA[1]
  • Windows 10 Education October 2018 Update (x64) running on a Microsoft Surface Laptop with an Intel Core i5 without PAA[1]
  • Windows 10 Enterprise October 2018 Update (x64) running on a Microsoft Surface Book 2 with an Intel Core i7 without PAA[1]
  • Windows 10 Enterprise October 2018 Update (x64) running on a Microsoft Surface Laptop with an Intel Core i5 without PAA[1]
  • Windows 10 Enterprise October 2018 Update (x64) running on a Microsoft Surface Pro LTE with an Intel Core i5 without PAA[1]
  • Windows 10 Enterprise October 2018 Update (x64) running on a Microsoft Surface Studio with an Intel Core i7 without PAA[1]
  • Windows 10 Enterprise October 2018 Update (x64) running on a Samsung Galaxy Book 12" with an Intel Core i5 without PAA[1]
  • Windows 10 Enterprise October 2018 Update (x64) running on an HP EliteBook x360 1030 G2 with an Intel Core i7 without PAA[1]
  • Windows 10 Pro October 2018 Update (x64) running on a Dell Latitude 12 Rugged Tablet with an Intel Core i5 without PAA[1]
  • Windows 10 Pro October 2018 Update (x64) running on a Dell Latitude 5290 with an Intel Core i7 without PAA[1]
  • Windows 10 Pro October 2018 Update (x64) running on a Microsoft Surface Book 2 with an Intel Core i7 without PAA[1]
  • Windows 10 Pro October 2018 Update (x64) running on a Microsoft Surface Go with an Intel Pentium without PAA[1]
  • Windows 10 Pro October 2018 Update (x64) running on a Microsoft Surface Laptop with an Intel Core i5 without PAA[1]
  • Windows 10 Pro October 2018 Update (x64) running on a Microsoft Surface Pro LTE with an Intel Core i5 without PAA[1]
  • Windows 10 Pro October 2018 Update (x64) running on a Samsung Galaxy Book 10.6" with an Intel Core m3 without PAA[1]
  • Windows 10 Pro October 2018 Update (x64) running on an HP Elite x2 1013 G3 Tablet with an Intel Core i7 without PAA[1]
  • Windows 10 Pro October 2018 Update (x64) running on an HP Slimline Desktop with an Intel Pentium with PAA[1]
  • Windows Server 2019 Core (x64) on Hyper-V on Windows Server 2016 running on a Dell PowerEdge R740 Server with an Intel Xeon Gold without PAA[1]
  • Windows Server 2019 Core (x64) on Hyper-V on Windows Server 2019 running on a Dell Precision Tower 5810MT with an Intel Xeon E5 without PAA[1]
  • Windows Server 2019 Core (x64) running on a Dell PowerEdge R740 Server with an Intel Xeon Gold without PAA[1]
  • Windows Server 2019 Datacenter Core (x64) on Hyper-V on Windows Server 2019 running on a Dell Precision Tower 5810MT with an Intel Xeon E5 without PAA[1]
  • Windows Server 2019 Datacenter Core (x64) running on a Dell PowerEdge R740 Server with an Intel Xeon Gold without PAA[1]
  • Windows Server Core Datacenter 2019 RTM (x64) running on an HPE Edgeline EL8000 / ProLiant e910 Server Blade with PAA[2] (single-user mode)
Approved Algorithms
RSA Certs. #C211, #C349 and #C2047
SHS Certs. #C211 and #C2047
Allowed Algorithms
N/A
Software Versions
10.0.17763[1] and 10.0.17763.107[2]

Vendor

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Mike Grimm
FIPS@microsoft.com
Phone: 800-Microsoft

Validation History

Date Type Lab
5/7/2020 Initial LEIDOS CSTL
10/5/2022 Update LEIDOS CSTL