diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
index ca7e4f4d3b..e489a2a89e 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
+++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
@@ -245,7 +245,8 @@ DxeMain (
   EFI_VECTOR_HANDOFF_INFO         *VectorInfoList;
   EFI_VECTOR_HANDOFF_INFO         *VectorInfo;
 
-  gRing3Data = NULL;
+  gRing3Data     = NULL;
+  gUserPageTable = 0;
 
   //
   // Setup Stack Guard
diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
index 2a271bf889..eaa10d62a1 100644
--- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
+++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
@@ -909,6 +909,7 @@ ApplyMemoryProtectionPolicy (
 {
   UINT64  OldAttributes;
   UINT64  NewAttributes;
+  UINT64  CurrentAttributes;
 
   //
   // The policy configured in PcdDxeNxMemoryProtectionPolicy
@@ -964,11 +965,27 @@ ApplyMemoryProtectionPolicy (
   NewAttributes = GetPermissionAttributeForMemoryType (NewType);
 
   if (OldType != EfiMaxMemoryType) {
+    //
+    // AllocatePages
+    //
     OldAttributes = GetPermissionAttributeForMemoryType (OldType);
     if (OldAttributes == NewAttributes) {
       // policy is the same between OldType and NewType
       return EFI_SUCCESS;
     }
+
+    if ((gUserPageTable != 0) && (NewType == EfiRing3MemoryType)) {
+      gCpu->SetUserMemoryAttributes (gCpu, gUserPageTable, Memory, Length, NewAttributes);
+    }
+  } else {
+    //
+    // FreePages
+    //
+    gCpu->GetMemoryAttributes (gCpu, Memory, &CurrentAttributes);
+
+    if ((gUserPageTable != 0) && ((CurrentAttributes & EFI_MEMORY_USER) != 0)) {
+      gCpu->SetUserMemoryAttributes (gCpu, gUserPageTable, Memory, Length, EFI_MEMORY_RP);
+    }
   }
 
   return gCpu->SetMemoryAttributes (gCpu, Memory, Length, NewAttributes);
diff --git a/UefiCpuPkg/Library/CpuArchLib/CpuPageTable.c b/UefiCpuPkg/Library/CpuArchLib/CpuPageTable.c
index ddc4da3c82..d24b9fb551 100644
--- a/UefiCpuPkg/Library/CpuArchLib/CpuPageTable.c
+++ b/UefiCpuPkg/Library/CpuArchLib/CpuPageTable.c
@@ -421,6 +421,7 @@ CpuGetMemoryAttributes (
 
   PageEntry = GetPageTableEntry (&PagingContext, Address, &PageAttribute);
   if (PageEntry == NULL) {
+    *Attributes = 0;
     return EFI_NOT_FOUND;
   }