Shutdown: Clear virtual memory pagefile

This setting forces Windows to zero out the pagefile at system shutdown and zeroes out the hibernation file if hibernation is disabled. Why would you want to do this?

Unless you use Encrypting File System (EFS), you probably wouldn’t. However, if you do use EFS, consider this. It’s very possible that while you are accessing a file protected by EFS, part of the file gets paged out to disk. Let’s say that part of the pagefile never gets overwritten and the system is shut down without this setting enabled. Then a bad guy steals the computer but fails to break EFS; the bad guy can still attempt to salvage confidential data fragments from the pagefile, since EFS cannot encrypt the pagefile. (BTW, this is one of the many reasons I like BitLocker better than EFS.)

Bottom line

If you are using Encrypting File System, you should enable this setting.
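
To check a machine against this advice, the following added example (not part of the original page) reads the registry value that backs this policy, lists the active pagefiles, and reports the BitLocker state of the system drive. The function name, the -Enable switch and the output property names are made up for this example; the registry value ClearPageFileAtShutdown, Win32_PageFileUsage and Get-BitLockerVolume are standard Windows components.

```powershell
# Added example: audit (and optionally enable) the registry value behind
# "Shutdown: Clear virtual memory pagefile". Run elevated when using -Enable.
function Get-PageFileClearStatus {
    [CmdletBinding()]
    param(
        [switch]$Enable   # hypothetical switch for this example: sets the value to 1
    )

    # Registry value that backs the policy (REG_DWORD: 1 = clear, 0 = do not clear)
    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
    $name = 'ClearPageFileAtShutdown'

    if ($Enable) {
        Set-ItemProperty -Path $key -Name $name -Value 1 -Type DWord
    }

    # Assumption: a missing value is reported the same as 0 (pagefile not cleared)
    $value = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
    $clear = ($value -eq 1)

    # Pagefiles currently in use on this machine
    $pageFiles = @(Get-CimInstance -ClassName Win32_PageFileUsage |
        Select-Object -ExpandProperty Name)

    # BitLocker state of the system drive; the cmdlet is missing on some
    # editions and fails without elevation, so fall back to 'Unknown'
    $bitLocker = 'Unknown'
    try {
        $vol = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction Stop
        $bitLocker = [string]$vol.ProtectionStatus
    } catch {
        Write-Verbose "BitLocker state not available: $_"
    }

    [pscustomobject]@{
        ClearPageFileAtShutdown = $clear
        PageFiles               = $pageFiles
        SystemDriveBitLocker    = $bitLocker
        # Follows the page's bottom line: if EFS is in use, this should be False
        EnableIfUsingEfs        = (-not $clear) -and ($pageFiles.Count -gt 0)
    }
}

Get-PageFileClearStatus
```

A domain Group Policy that configures this setting overwrites a locally set value at the next policy refresh.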
