VBS utilizes the Windows hypervisor to build this virtual safe mode and implement constraints that safeguard critical system and OS resources, or to safeguard safety features such as authenticated user credentials. Even if malware gains access to the OS kernel, the enhanced protection provided by VBS may limit and contain potential risks, as the hypervisor can avoid malware from executing software or accessing system secrets. One such instance is the Hypervisor-Enforced Code Integrity (HVCI), which utilizes VBS to enhance code integrity policy enforcement substantially. The integrity of the kernel mode controls all of the switches and binaries in the kernel mode and avoids the loading of unsigned drivers or system files into system memory. Similarly, before loading, user mode configurable code integrity policy checks apps and starts only executables signed by recognized, authorized signers. In a safe setting, HVCI uses VBS to operate the code integrity service, offering greater protection against malware and kernel viruses. The hypervisor, which is the most privileged system software level, sets and implements page permissions throughout all system memory. Pages are only executable after code integrity controls have been completed within the secure region and executable pages cannot be written. Even when vulnerabilities such as a buffer overflow allow malware to try and alter memory, the code pages cannot be changed and the modified memory cannot be executed. For Windows 10, section 1903 (OS build 18362.383) a virtualization-based safety is accessible on supported ARM systems operating on the Qualcomm’s Snapdragon 850 platform and subsequent versions. When this safety function is activated, you may encounter the following problems if the system is unsafe:
Fingerprint authentication stops because fingerprint authentication information is cleared to safeguard your privacy. Videos that are protected from Digital Rights Management (DRM) cannot be performed.
The following table lists circumstances that could imply that the system is unsecured. The table also lists the techniques for reversing the system from this state. Note:To use authentication of fingerprint, clear your current information and re-set fingerprint authentication. Before doing this, we suggested that you return your system to a safe setup.
bcdedit /set hypervisordebug off bcdedit /deletevalue hypervisorloadoptions