Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

How to Enable Compatibility Mode for Application Issues with Dell Threat Defense and Dell Endpoint Security Suite Enterprise

Summary: Enable Memory Compatibility Mode in Dell Threat Defense and Dell Endpoint Security Suite Enterprise to resolve compatibility issues with other applications.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Symptoms

Note:

Affected Products:

  • Dell Endpoint Security Suite Enterprise
  • Dell Threat Defense

Memory Protection and Script Control are built on a memory filter driver to inject at the earliest possible point during process startup. Though Threat Defense does not support Memory Protection, if Script Control is enabled on Threat Defense, these issues be present. Third-party products that also monitor memory processes handle injections differently and may not be prepared for injection as early in the process as Memory Protection. This causes the third-party application to crash. To resolve this issue, you can add a registry key to allow Memory Protection to inject in the same manner as other applications.

Cause

Not Applicable

Resolution

Warning: Dell does not recommend permanently adding compatibility mode to a production environment, as this may present a change in the protection posture for endpoints that Compatibility Mode is applied to. Compatibility Mode modifies the point in which Dell’s Advanced Threat Prevention is injected into a running process to monitor its actions. This small window may provide an opportunity for advanced malware to run malicious behavior.

The Advanced Threat Prevention (ATP) engine of Dell Threat Defense or Dell Endpoint Security Suite Enterprise must have a compatibility mode that is enabled to resolve potential conflicts.

Note: Compatibility Mode must be added to the registry before you enable Memory Protection and Script Control in policy.

To enable Compatibility Mode:

  1. Right-click the Windows start menu and then click Run.

Click Run
Figure 1: (English Only) Click Run

  1. In the Run UI, type regedit and then press OK. This opens the Registry Editor.

Type regedit
Figure 2: (English Only) Type regedit

Warning: The next step is a Windows Registry edit:
  1. In the Registry Editor, go to HKEY_LOCAL_MACHINE\Software\Cylance\Desktop.
  2. Right-click the Desktop folder and then click Permissions.

Click Permissions
Figure 3: (English Only) Click Permissions

  1. In the Permissions for Desktop UI, check Full Control for the active user and then press OK.

Check Full Control
Figure 4: (English Only) Check Full Control

Note: In the example, the active user is part of the Users group. This user or group may differ from your environment.
  1. Right-click Desktop folder, click New, and then select DWORD.

Click DWORD (32-bit) Value
Figure 5: (English Only) Click DWORD (32-bit) Value

  1. Name the DWORD CompatibilityMode and then press enter.
  2. Right-click CompatibilityMode and then click Modify.

SLN309160_en_US__8ddpkm1116f
Figure 6: (English Only) Click Modify

  1. Change the Value data to 1 and then click OK.

Update Value data to 1
Figure 7: (English Only) Update Value data to 1

  1. Exit the Registry Editor.
  2. Reboot the computer to apply the compatibility mode changes.

Enabling Compatibility Mode using Command-Line Option

Using PSExec to inject this registry key:

psexec -s reg add HKEY_LOCAL_MACHINE\SOFTWARE\Cylance\Desktop /v CompatibilityMode /t REG_BINARY /d 01

PSexec can be acquired from Microsoft here: https://docs.microsoft.com/en-us/sysinternals/downloads/psexec This hyperlink is taking you to a website outside of Dell Technologies.

Note: PSexec is commonly seen as a Potentially Unwanted Program (PUP) and may be automatically quarantined before it can be run.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Affected Products

Dell Threat Defense, Dell Endpoint Security Suite Enterprise
Article Properties
Article Number: 000131608
Article Type: Solution
Last Modified: 09 Feb 2024
Version:  10
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.