Windows Defender Core Isolation features and Sandra’s Kernel Driver

Microsoft has started to ask Windows users to enable additional security features that may not be compatible Sandra's kernel driver (Sandra.sys). As this driver must run in kernel space and directly interacts with hardware - as with most other hardware utilities of this type, game anti-cheats, anti-virus/malware and similar kernel-level software - it cannot be compatible with all features.

While we are working on finding a solution, unfortunately there is no easy or immediate fix for it.

Sandra is compatible with most “Core Isolation” Windows Security features and you can have them enabled:

  • Memory Integrity – Compatible, can enable
  • Memory Access Protection – Compatible, can enable
  • Microsoft Vulnerable Driver Blocklist – Kernel driver compatible
  • Kernel-mode Hardware-enforced Stack Protection – Kernel driver not compatible, but software will still run with