If you are using Windows 11, you may have encountered a security warning that says “Kernel-mode hardware-enforced stack protection is off. Your device may be vulnerable” from Windows Defender. This warning may appear after a recent update to Windows Defender, the built-in antivirus for Windows desktops. Kernel mode hardware-enforced stack protection is a new security feature in Windows 11 that uses the processor to protect the memory stack from malicious code injection. It requires Intel’s Control-flow Enforcement Technology (CET) or AMD Shadow Stack technology, which are supported by Intel 11th Gen Tiger Lake or newer parts, or AMD Zen 3 and newer processors. There are a few reasons why this feature may not turn on, and to fix this issue on your Windows 11 desktop, this guide will help you.
Fix: Kernel-Mode hardware-enforced Stack Protection is Off Error (2023)
On your Windows 11 desktop, the reason why the “kernel-mode hardware-enforced stack protection is off” error message appears may be due to a driver conflict, especially with some anti-cheat software that is used by certain games. Hence, some possible solutions to fix this error are:
1. Uninstall conflicting Software
Some users have reported that uninstalling games that use anti-cheat software, such as Phantasy Star Online 2, Destiny 2, and Valorant, can resolve the issue. Also, some third-party antivirus software might cause the “kernel-mode hardware-enforced stack protection is off” issue. Hence, here’s how you can fix this issue:
- Open the Control Panel from the Start menu and click the Programs tab.
- Now click the ‘Programs and Features’ tab and right-click on any software with a yellow exclamation mark.
- From the menu, select the ‘Uninstall’ option to remove the conflicting software from your Windows 11 desktop.
2. Enable Virtualization
Another possible solution to fix this issue is to enable virtualization in the BIOS settings of your PC. This may allow you to access the device security settings in Windows 11, and turn on kernel-mode hardware-enforced stack protection. Hence, to enable virtualization, follow these steps:
- Restart your computer and press the appropriate key on your keyboard to enter the BIOS setup, which is different for the different computer models, but it is usually the ‘F2’, ‘F10’, ‘F12’, or ‘Delete’ keys.
- In the BIOS menu, look for an option like ‘Virtualization Technology’, ‘VT-x’, or ‘AMD-V’ and enable it.
- Save the changes by pressing the ‘F10’ key on your keyboard, then press the ‘Y’ key to confirm saving and exit the BIOS setup.
- Finally, restart your computer and check if the “kernel-mode hardware-enforced stack protection is off” warning is gone.
- If none of these solutions work for you, you may have to wait for Microsoft to release a fix to this issue. In the meantime, you can ignore the warning, as it does not affect your system performance or security.
Everything covered on how to fix the kernel-mode hardware-enforced stack protection is off error message on Windows 11. Also, check out our other guides, such as How to fix keyboard typing wrong characters/letters on Windows 11 or How to fix Windows 11 taskbar disappeared error.