Security News > 2023 > January > Microsoft tests live kernel memory dumps in Windows 11 Task Manager

Microsoft is testing a new diagnostic tool in Windows 11 that lets you create live kernel memory dumps without disrupting the operation of Windows.
A live kernel dump is a snapshot of the kernel's memory at the time of the dump, which is then saved to a file.
In a new Windows 11 preview build 25176, released earlier today to the Windows Insider Dev channel, Microsoft has added a new feature that lets you create live kernel memory dumps in Task Manager.
In the latest build, you can capture a live kernel memory dump by going to the Details page in Task Manager, right-clicking on the System process, and selecting the "Create live kernel memory dump file" option.
This will capture a Full live kernel or Kernel stack memory dumps and can be used to troubleshoot bugs and performance issues that Microsoft describes as "Abnormal" but don't prevent Windows from running.
The Windows 11 Task Manager has seen frequent updates from Microsoft, with a new design based on Fluent UI and WinUI, and the company also added a search bar to the app.
News URL
Related news
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- Microsoft tests new Windows 11 tool to remotely fix boot crashes (source)
- Microsoft lifts Windows 11 update block for some AutoCAD users (source)
- Microsoft replacing Remote Desktop app with Windows App in May (source)
- Microsoft: Recent Windows updates make USB printers print random text (source)
- Microsoft: March Windows updates mistakenly uninstall Copilot (source)
- Microsoft fixes Windows update bug that uninstalled Copilot (source)
- Microsoft lifts Windows 11 upgrade block after Asphalt 8 crash fix (source)
- Microsoft: Recent Windows updates cause Remote Desktop issues (source)
- Microsoft fixes printing issues caused by January Windows updates (source)