How to Check Everything Related to Virtualization Based Security in Windows 11 скачать в хорошем качестве

How to Check Everything Related to Virtualization Based Security in Windows 11

In this video, we take a deep technical dive into Virtualization-Based Security (VBS) in Windows 11 and learn how to check every important configuration and status field directly from the system — and understand what each value actually means. We’ll use PowerShell and the Win32_DeviceGuard class to inspect the exact security posture of your system and understand what each value actually means. 1️⃣ AvailableSecurityProperties Shows which hardware security features are available on the device 0 – No relevant properties exist 1 – Hypervisor support available 2 – Secure Boot available 3 – DMA protection available 4 – Secure Memory Overwrite available 5 – NX protections available 6 – SMM mitigations available 7 – MBEC/GMET available 8 – APIC virtualization available 👉 This tells you what the hardware can support. 2️⃣ RequiredSecurityProperties Shows which hardware features are required to enable VBS. 0 – Nothing required 1 – Hypervisor support required 2 – Secure Boot required 3 – DMA protection required 👉 This tells you what must be present for VBS to work. It reads from Registry setting HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\RequirePlatformSecurityFeatures Supported values for RequirePlatformSecurityFeatures 0 – Best effort (no strict requirements). 1 – Requires Hypervisor + Secure Boot (1,2). 3 – Requires Hypervisor + Secure Boot + DMA protection (1,2,3). 3️⃣ Code Integrity Enforcement Status Kernel Mode CodeIntegrityPolicyEnforcementStatus 0 – Off 1 – Audit mode 2 – Enforced User Mode UsermodeCodeIntegrityPolicyEnforcementStatus 0 – Off 1 – Audit mode 2 – Enforced 👉 Shows whether code integrity policies are disabled, monitoring only (audit), or fully enforced. 4️⃣ SecurityServicesConfigured Shows which VBS-related services are configured. 0 – None configured 1 – Credential Guard configured 2 – Memory Integrity configured 3 – System Guard Secure Launch configured 4 – SMM Firmware Measurement configured 5 – Kernel-mode Hardware-enforced Stack Protection configured 6 – Kernel-mode Stack Protection configured (Audit mode) 7 – Hypervisor-Enforced Paging Translation configured 👉 Configured means enabled in settings, not necessarily running. 5️⃣ SecurityServicesRunning Shows which services are actively running. 0 – None running 1 – Credential Guard running 2 – Memory Integrity running 3 – System Guard Secure Launch running 4 – SMM Firmware Measurement running 5 – Kernel-mode Hardware-enforced Stack Protection running 6 – Kernel-mode Stack Protection running (Audit mode) 7 – Hypervisor-Enforced Paging Translation running 👉 Running means currently active and enforced. 6️⃣ VirtualizationBasedSecurityStatus 0 – VBS not enabled 1 – VBS enabled but not running 2 – VBS enabled and running 👉 Shows overall VBS state. 7️⃣ VirtualMachineIsolation Indicates whether virtual machine–based hardware isolation is enabled. 8️⃣ VirtualMachineIsolationProperties Shows which advanced VM isolation technologies are available: 1 – AMD SEV-SNP 2 – Virtualization-Based Security 3 – Intel TDX 👉 These provide stronger hardware-level isolation beyond standard VBS. 9️⃣ SmmIsolationLevel Indicates the isolation level of System Management Mode (SMM). Higher levels mean stronger firmware-level protection.