deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-18 00:07:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #11259 from brentkendall/patch-13

Browse Source 
Update kernel-dma-protection-for-thunderbolt.md
This commit is contained in:
Vinay Pamnani 2023-01-05 13:46:30 -05:00 committed by GitHub
commit dc07be41d0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md
View File

@ -2,13 +2,13 @@
title: Kernel DMA Protection (Windows) title: Kernel DMA Protection (Windows)
description: Kernel DMA Protection protects PCs against drive-by Direct Memory Access (DMA) attacks using PCI hot plug devices connected to Thunderbolt™ 3 ports. description: Kernel DMA Protection protects PCs against drive-by Direct Memory Access (DMA) attacks using PCI hot plug devices connected to Thunderbolt™ 3 ports.
ms.prod: windows-client ms.prod: windows-client
author: dansimp author: vinaypamnani-msft
ms.author: dansimp ms.author: vinpa
manager: aaroncz manager: aaroncz
ms.collection: ms.collection:
- highpri - highpri
ms.topic: conceptual ms.topic: conceptual
ms.date: 03/26/2019 ms.date: 01/05/2023
ms.technology: itpro-security ms.technology: itpro-security
--- ---
@ -66,6 +66,9 @@ Systems released prior to Windows 10 version 1803 do not support Kernel DMA Prot
>[!NOTE] >[!NOTE]
>Kernel DMA Protection is not compatible with other BitLocker DMA attacks countermeasures. It is recommended to disable the BitLocker DMA attacks countermeasures if the system supports Kernel DMA Protection. Kernel DMA Protection provides higher security bar for the system over the BitLocker DMA attack countermeasures, while maintaining usability of external peripherals. >Kernel DMA Protection is not compatible with other BitLocker DMA attacks countermeasures. It is recommended to disable the BitLocker DMA attacks countermeasures if the system supports Kernel DMA Protection. Kernel DMA Protection provides higher security bar for the system over the BitLocker DMA attack countermeasures, while maintaining usability of external peripherals.
>[!NOTE]
>DMA remapping support for graphics devices was added in Windows 11 with the WDDM 3.0 driver model; Windows 10 does not support this feature.
## How to check if Kernel DMA Protection is enabled ## How to check if Kernel DMA Protection is enabled
Systems running Windows 10 version 1803 that do support Kernel DMA Protection do have this security feature enabled automatically by the OS with no user or IT admin configuration required. Systems running Windows 10 version 1803 that do support Kernel DMA Protection do have this security feature enabled automatically by the OS with no user or IT admin configuration required.