Article Number: 000131608
How to Enable Compatibility Mode for Application Issues with Dell Threat Defense and Dell Endpoint Security Suite Enterprise
Summary: Enable Memory Compatibility Mode in Dell Threat Defense and Dell Endpoint Security Suite Enterprise to resolve compatibility issues with other applications.
Article Content
Symptoms
- As of May 2022, Dell Endpoint Security Suite Enterprise has reached End of Maintenance. This article is no longer updated by Dell. For more information, reference Product Life Cycle (End of Support and End of Life) Policy for Dell Data Security. If you have any questions on alternative articles, either reach out to your sales team or contact endpointsecurity@dell.com.
- Reference Endpoint Security for additional information about current products.
Affected Products:
- Dell Endpoint Security Suite Enterprise
- Dell Threat Defense
Memory Protection and Script Control are built on a memory filter driver to inject at the earliest possible point during process startup. Though Threat Defense does not support Memory Protection, if Script Control is enabled on Threat Defense, these issues be present. Third-party products that also monitor memory processes handle injections differently and may not be prepared for injection as early in the process as Memory Protection. This causes the third-party application to crash. To resolve this issue, you can add a registry key to allow Memory Protection to inject in the same manner as other applications.
Cause
Not Applicable
Resolution
The Advanced Threat Prevention (ATP) engine of Dell Threat Defense or Dell Endpoint Security Suite Enterprise must have a compatibility mode that is enabled to resolve potential conflicts.
To enable Compatibility Mode:
- Right-click the Windows start menu and then click Run.
Figure 1: (English Only) Click Run
- In the Run UI, type regedit and then press OK. This opens the Registry Editor.
Figure 2: (English Only) Type regedit
- Back up the Registry before proceeding, reference How to Back Up and Restore the Registry in Windows
.
- Editing the Registry can cause the computer to become unresponsive on the next reboot.
- Contact Dell Data Security International Support Phone Numbers for assistance if you have concerns about performing this step.
- In the Registry Editor, go to
HKEY_LOCAL_MACHINE\Software\Cylance\Desktop. - Right-click the Desktop folder and then click Permissions.
Figure 3: (English Only) Click Permissions
- In the Permissions for Desktop UI, check Full Control for the active user and then press OK.
Figure 4: (English Only) Check Full Control
- Right-click Desktop folder, click New, and then select DWORD.
Figure 5: (English Only) Click DWORD (32-bit) Value
- Name the DWORD CompatibilityMode and then press enter.
- Right-click CompatibilityMode and then click Modify.
Figure 6: (English Only) Click Modify
- Change the Value data to 1 and then click OK.
Figure 7: (English Only) Update Value data to 1
- Exit the Registry Editor.
- Reboot the computer to apply the compatibility mode changes.
Enabling Compatibility Mode using Command-Line Option
Using PSExec to inject this registry key:
psexec -s reg add HKEY_LOCAL_MACHINE\SOFTWARE\Cylance\Desktop /v CompatibilityMode /t REG_BINARY /d 01
PSexec can be acquired from Microsoft here: https://docs.microsoft.com/en-us/sysinternals/downloads/psexec
PSexec is commonly seen as a Potentially Unwanted Program (PUP) and may be automatically quarantined before it can be run.
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.
Article Properties
Affected Product
Dell Threat Defense, Dell Endpoint Security Suite Enterprise
Last Published Date
09 Feb 2024
Version
10
Article Type
Solution