Vladimir Previn

NWE 4.3.0.3 (maybe all) memory dump issues with win10 VSM on?

Discussion created by Vladimir Previn on Sep 21, 2017
Latest reply on Sep 21, 2017 by Vladimir Previn

hello,

 

https://df-stream.com/2017/08/memory-acquisition-and-virtual-secure/
we're having issues with NWE 4.3.0.3 and win10 (anniversary) with virtual secure mode + credential guard on (but without device guard code integrity on)
On memory dump from the UI ECAT doesn't bluescreen but mem dump fails with error: '998 - Invalid access to memory location'

(not a customer for NWE anymore) so is it fixed in 4.3.0.4 or 4.3.0.5? if not - expected fix date?

 

We've tried some of the other tools indicated as fixed in the article and they work.

Outcomes