Although Windows 11 is now available for download, there is still concern that it will have a negative impact on gaming performance. This appears to be largely due to Microsoft’s use of virtualization-based security (VBS).
At least, that’s what UL Benchmarks, the makers of the popular 3DMark and PCMark benchmarking tools, have concluded after conducting their own tests.
VBS creates and isolates a secure memory region from the normal operating system using hardware virtualization features. It can be used by the operating system to host a variety of security solutions and keep them safe from other system vulnerabilities.
More information is available in Microsoft’s support document. VBS has a negative impact on gaming performance, according to UL Benchmarks. They’ve also confirmed that future versions of their benchmarks will include VBS detection to aid in your comprehension.
In the meantime, here’s a quick guide to check if VBS is enabled on your computer:
What is Virtualization-Based Security (VBS) in Windows 11?
VBS, or virtualization-based security, employs hardware virtualization to create and isolate a secure memory region from the rest of the operating system. This “virtual secure mode” can be used by Windows to host a variety of security solutions, providing them with significantly increased protection from operating system vulnerabilities and preventing the use of malicious exploits that try to circumvent protections.
Hypervisor-Enforced Code Integrity (HVCI), also known as Memory Integrity, is one example of a security solution that makes use of VBS to significantly strengthen code integrity policy enforcement.
All kernel mode drivers and binaries are checked for code integrity before they’re started, and unsigned drivers or system files aren’t loaded into system memory.
VBS creates this virtual secure mode and enforces restrictions that protect critical system and operating system resources, as well as security assets such as authenticated user credentials, using the Windows hypervisor.
Even if malware gains access to the OS kernel, possible exploits can be greatly limited and contained thanks to VBS’s enhanced protections, because the hypervisor can prevent malware from executing code or accessing platform secrets.
Similarly, a user-configurable code integrity policy checks applications before they’re loaded, only allowing executables signed by known, approved signers to run. HVCI makes use of VBS to run the code integrity service in a secure environment, which provides better protection against kernel viruses and malware.
Page permissions are set and enforced across all system memory by the hypervisor, the most privileged level of system software. Executable pages are not writable, and they are only made executable after code integrity checks inside the secure region have passed.
Even if there are vulnerabilities, such as a buffer overflow, that allow malware to modify memory, code pages cannot be modified, and modified memory cannot be made executable.
How to Check if VBS is Enabled in Windows 11?
- Click on the Windows+R button to open the Run dialog box.
- In the Run dialog box, type msinfo32 and press Enter.
- After that, scroll down inside the System Information app, and you will be able to see whether VBS is enabled on your PC or not.
- You can apply the same process to check if VBS is enabled in Windows 10 as well.
Well, that’s all we have for you about turning on Virtualization-Based Security (VBS) in Windows 11 and 10.
The Bottom Line
Well, that’s all we have here about how you can enable or disable Virtualization Based Security in Windows 11 and 10. We hope you find this guide helpful. If you have any doubts or queries, comment below using your name and email ID. Also, if you are new here, check out our best lists, explainers, and how-to guides.