From bfc53aaa46dfd0de55d678e9427bf17736224d7e Mon Sep 17 00:00:00 2001 From: Brent Kendall Date: Thu, 5 Jan 2023 10:14:29 -0800 Subject: [PATCH] Update kernel-dma-protection-for-thunderbolt.md Added clarifying note requested by OEM partners. --- .../kernel-dma-protection-for-thunderbolt.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md index bd501ceb09..5649ebe854 100644 --- a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md +++ b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md @@ -66,6 +66,9 @@ Systems released prior to Windows 10 version 1803 do not support Kernel DMA Prot >[!NOTE] >Kernel DMA Protection is not compatible with other BitLocker DMA attacks countermeasures. It is recommended to disable the BitLocker DMA attacks countermeasures if the system supports Kernel DMA Protection. Kernel DMA Protection provides higher security bar for the system over the BitLocker DMA attack countermeasures, while maintaining usability of external peripherals. +>[!NOTE] +>DMA remapping support for graphics devices was added in Windows 11 with the WDDM 3.0 driver model; Windows 10 does not support this feature. + ## How to check if Kernel DMA Protection is enabled Systems running Windows 10 version 1803 that do support Kernel DMA Protection do have this security feature enabled automatically by the OS with no user or IT admin configuration required.