Protecting the pagefile

by Mitch Tulloch [Published on 30 Nov. 2011 / Last Updated on 13 Feb. 2011]

How to protect the pagefile in Windows 7.

The pagefile of a Windows 7 computer may contain sensitive information, and in certain scenarios such as high-security environments or with standalone kiosk machines that are not physically secured, you want to ensure no one can tamper with the system's pagefile. There are several things you can do to safeguard your pagefile in these situations.

To safeguard the pagefile against offline attack, you should enable BitLocker on the boot volume of the machine. If you are concerned not just with integrity but also confidentiality, you can set the following registry key to encrypt the pagefile on the system:

HKLM\SYSTEM\CurrentControlSet\Control\FileSystem\NtfsEncryptPagingFile

On Windows 7 the key used to encrypt the pagefile is ephemeral and is discarded at shutdown, making the contents of the pagefile inaccessible. Note that pagefile encryption is not enabled by default on Windows 7.

Finally, if you are concerned about online attack against the pagefile, don't be—if an attacker can access your pagefile then your system has already been compromised and you have worse things to worry about!

Mitch Tulloch is a Microsoft Most Valuable Professional (MVP) and widely recognized expert on Windows administration, deployment and virtualization. For more tips by Mitch you can follow him on Twitter or friend him on Facebook.

Featured Links