With the introduction of Windows 11 version 24H2, some users have noticed that even after turning off Memory Integrity and other security features, Virtualization-Based Security (VBS) continues to run. This can have a negative impact on CPU performance, especially for users with AMD systems or those who rely on high-performance computing, such as gamers.
Disabling Memory Integrity alone does not completely turn off VBS. To restore full CPU performance, you must disable VBS through the registry. Follow the steps below to do this.
Step-by-Step Guide to Disabling VBS
1. Turn Off Tamper Protection
Tamper Protection prevents any unauthorized changes to your Windows Security settings, which includes registry modifications. To disable VBS, you must first turn off Tamper Protection. Here’s how:
To turn off Tamper Protection via Windows Security:
- Open Settings by pressing
Win + I
. - Go to Privacy & Security and select Windows Security.
- Under Virus & threat protection, scroll down and click Manage settings.
- Find Tamper Protection and toggle it Off.
1.1 Disabling Tamper Protection via the Registry (For Third-Party Security Software Users)
If you are using third-party security software, Tamper Protection might not be visible in the Windows Security interface. In such cases, you can disable it via the registry:
- Press
Win + R
, typeregedit
, and press Enter to open the Registry Editor. - Navigate to the following path:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features
- Locate the TamperProtection DWORD value.
- Double-click on TamperProtection and change its value:
4
to turn Tamper Protection Off.5
to turn Tamper Protection On.
- Close the Registry Editor and restart your PC.
This ensures that Tamper Protection is disabled even if you’re using third-party antivirus or security software.
2. Open the Registry Editor to Disable VBS
Now that Tamper Protection is turned off, you can proceed to disable Virtualization-Based Security through the registry:
- Press
Win + R
, typeregedit
, and press Enter to open the Registry Editor. - Navigate to this path:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard
- Look for the DWORD EnableVirtualizationBasedSecurity.
- Double-click on it and set its value to
0
to disable VBS.
3. Restart Your PC
After making these changes, restart your computer. Once the system restarts, verify that VBS is disabled by opening System Information (Win + R
, type msinfo32
) and checking the Virtualization-based security entry. It should now say “Not enabled”.
By following these steps, you should notice improved performance, as your CPU will no longer be restricted by VBS.
Alternative Method: Disabling SVM Mode or VT-X
For AMD users, disabling SVM Mode (or VT-X for Intel users) in the BIOS is another method to disable VBS. However, this method disables all virtualization features, including the ability to run virtual machines, so use this only if you do not require virtualization.
To disable SVM Mode or VT-X:
- Restart your PC and enter the BIOS/UEFI settings (this usually involves pressing
Delete
,F2
, or another key during startup). - Navigate to the CPU Configuration or a similar section.
- Find SVM Mode (for AMD) or VT-X (for Intel) and disable it.
- Save your settings and exit the BIOS.
Important Notes for Gamers
Be cautious when disabling VBS if you play games that use anti-cheat software like Riot Games’ Vanguard 2.0. Some games require VBS to be enabled to maintain security through VBS Enclaves, which prevent cheating. Disabling VBS could result in these games not running correctly, so verify your game’s requirements before making any changes.
Additional Resources
For more information on the new features of Windows 11 version 24H2, you can read the official Microsoft blog post. To learn more about VBS Enclaves, check out the Microsoft documentation.