mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00

Alekhya Jupudi aa4250bac3 Update policy-csp-virtualizationbasedtechnology.md

2021-12-08 14:21:05 +05:30

3.4 KiB

Raw Blame History

title, description, ms.author, ms.topic, ms.prod, ms.technology, author, ms.localizationpriority, ms.date, ms.reviewer, manager

title	description	ms.author	ms.topic	ms.prod	ms.technology	author	ms.localizationpriority	ms.date	ms.reviewer	manager
Policy CSP - VirtualizationBasedTechnology	Learn to use the Policy CSP - VirtualizationBasedTechnology setting to control the state of Hypervisor-protected Code Integrity (HVCI) on devices.	dansimp	article	w10	windows	alekyaj	medium	11/25/2021		dansimp

Policy CSP - VirtualizationBasedTechnology

VirtualizationBasedTechnology policies

VirtualizationBasedTechnology/HypervisorEnforcedCodeIntegrity

VirtualizationBasedTechnology/RequireUEFIMemoryAttributesTable

VirtualizationBasedTechnology/HypervisorEnforcedCodeIntegrity

Edition	Windows 10	Windows 11
Home	Yes	Yes
Pro	Yes	Yes
Business	Yes	Yes
Enterprise	Yes	Yes
Education	Yes	Yes

Scope:

[!div class = "checklist"]

Device

Allows the IT admin to control the state of Hypervisor-protected Code Integrity (HVCI) on devices. HVCI is a feature within Virtualization Based Security, and is frequently referred to as Memory integrity. Learn more here.

Note

After the policy is pushed, a system reboot will be required to change the state of HVCI.

The following are the supported values:

0: (Disabled) Turns off Hypervisor-Protected Code Integrity remotely if configured previously without UEFI Lock
1: (Enabled with UEFI lock) Turns on Hypervisor-Protected Code Integrity with UEFI lock
2: (Enabled without lock) Turns on Hypervisor-Protected Code Integrity without UEFI lock

VirtualizationBasedTechnology/RequireUEFIMemoryAttributesTable

Edition	Windows 10	Windows 11
Home	Yes	Yes
Pro	Yes	Yes
Business	Yes	Yes
Enterprise	Yes	Yes
Education	Yes	Yes