Share via

Surface and Virtualization concern

d00dz 0 Reputation points
2025-03-27T13:42:43.74+00:00

Hi, this is not exactly a question, it's just to offer a resolution to people who are struggling with VT-X virtualization problem on Surface Laptop and I would like to know a way to send this feedback to MS team, because it has no sense all the actions I need to do to get this working on a Surface Laptop for Business, which is supposed to be for business users.

Firstly, open "system information" and look for the bottom lines which are saying "Virtualization based security" and related. You will see how these options are disabling on every reboot, so open this windows after every reboot.

I went to UEFI and disabled Secured Code option (turn off and press F4 while press turn on)
I had to follow this steps:
https://learn.microsoft.com/en-us/windows/security/identity-protection/credential-guard/configure?tabs=reg#disable-credential-guard (followed gpo instructions and regedit instructions only. I didnt need to follow UEFI instructions). Reboot

https://learn.microsoft.com/en-us/windows/security/identity-protection/credential-guard/configure?tabs=reg#disable-virtualization-based-security (followed gpo instructions and regedit instructions only. I didnt need to follow UEFI instructions). Reboot

Open a terminal with admin privileges and type:

bcdedit /set hypervisorlaunchtype off

bcdedit /set vsmlaunchtype off

Reboot

Go to Windows Security > Device > Core Isolation > Disable Memory Integrity

Reboot

And finally I found this post https://learn.microsoft.com/en-us/answers/questions/2113711/vbs-is-not-disabled-on-windows-11-version-24h2-os .

"Apparently, Microsoft employs such unique people that they didn't bother to explain that now Windows Hello security, starting with version 24H2, is based on VBS. To disable VBS, all you had to do was disable Windows Hello in Device Guard in the registry in this way:

  • On the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\WindowsHello path, you need to change the value of the DWORD parameter "Enabled" to 0
  • After restarting your PC, VBS should be turned off
  • At the same time, oddly enough, the ability to log in to an account via Windows Hello (in particular, using a PIN code) still remains"

Did that and finally got to disable VSM and virtualize with Virtualbox.

I don't know why Microsoft did this so hard and I appreciate if somebody could tell me how to send this feedback for surfaces (I think other laptops doesn't have this problem)

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
11,384 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Molly Lu-MSFT 2,586 Reputation points Microsoft External Staff
    2025-03-28T08:50:49.4766667+00:00

    Hello,

    Thank you for posting in Microsoft Q&A.

    Based on the description, I understand your question is related to Surface and Virtualization concern.

    Thanks for sharing your experience about this issue, this may help others with similar issues.

    It is recommended to report this issue to Microsoft, use the Feedback Hub app. To learn more, see Send feedback to Microsoft with the Feedback Hub app:

    https://support.microsoft.com/en-us/windows/send-feedback-to-microsoft-with-the-feedback-hub-app-f59187f8-8739-22d6-ba93-f66612949332

    Also, For issues specifically related to Surface devices, you can use the Surface Support Portal. This portal provides resources and tools to help troubleshoot and resolve issues with Surface devices:

    https://learn.microsoft.com/en-us/surface/surface-support-portal

    Have a nice day.

    Best Regards,

    Molly

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.