VMware Workstation Pro
VMware Workstation is a hosted (Type 2) hypervisor that runs on x64 versions of Windows and Linux operating systems. It enables users to set up and manage virtual machines (VMs) on a single physical machine, allowing for the execution of multiple operating systems simultaneously.
๐ Resources ๐
VMware Workstation Pro Download - Broadcom (free, no license required)
Install and Windows tweaks
โ I do not assume any responsibility for the potential risks or consequences associated with the disabled memory integrity and Virtualization-based security.
๐ Options to optimize gaming performance in Windows 11 - Microsoft Support
๐ Enable or Disable Core Isolation and Memory Integrity in Windows 11
๐ How to Disable or Remove Hyper-V in Windows 11
๐ Download Device Guard and Credential Guard hardware readiness tool
๐ Disabling Hyper-V hypervisor on Windows 11 Pro host (to get VMWare 17's CPL0 vs. ULM monitor mode) - ๐ The following steps include some key points from this highly informative article, which provides an excellent explanation of the issue.
Nesting considerationsThe following is done to ensure VMware Workstation virtualization operates smoothly without any performance issues, using its own VMware virtualization engine, instead of the slower Hyper-V API, to create the virtualized environment.
CPL0 (Current Privilege Level 0): The VMM (Virtual Machine Monitor) runs directly on the host hardware using Intel VT-x or AMD-V, providing full control and optimal performance, with no nested layers.
ULM (User-Level Monitor): The VMM runs on top of Hyper-V, allowing coexistence with VMware Workstation but with added overhead and reduced performance, with an extra level of nesting.
these values can be seen by searching
Monitor Mode:in thevmware.logfile of a running VM.VMware and Hyper-V can coexist using the newer VMware version and
Windows Hypervisor Platform (WHP), but nested virtualization can be slower than normal. Your choice.Memory integrity (hypervisor-protected code integrity) is a security feature of Core isolation that prevents attacks from inserting malicious code into high-security processes. Take your own risk by disabling it.
Run the commands from an elevated Powershell to DISABLE Hyper-V, all its subfeatures, Windows Hypervisor Platform, Virtual Machine Platform, and Windows Sandbox:
# Disables the Windows Hyper-V
bcdedit /set hypervisorlaunchtype off
Disable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux,VirtualMachinePlatform,Microsoft-Hyper-V-All -NoRestart
Get-AppxPackage -AllUsers *WindowsSubsystemForLinux* | Remove-AppxPackage -AllUsers# Check the state of the features, should be State: Disabled
Get-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
Get-WindowsOptionalFeature -Online -FeatureName VirtualMachinePlatform
Get-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V-AllRun the commands from an elevated Powershell to DISABLE Memory Integrity and Virtualization-based security (Device/Credential Guard) via Registry:
reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Enabled" /t REG_DWORD /d 0 /f
reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\SystemGuard" /v "Enabled" /t REG_DWORD /d 0 /f
reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "EnableVirtualizationBasedSecurity" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard" /v "EnableVirtualizationBasedSecurity" /t REG_DWORD /d 0 /f# Check the state of the reg keys
$keys = @(
"HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity",
"HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\SystemGuard",
"HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard",
"HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard"
)
$values = "Enabled", "EnableVirtualizationBasedSecurity"
foreach ($key in $keys) {
if (Test-Path $key) { # Check if the registry key exists
foreach ($value in $values) {
$result = Get-ItemProperty -Path $key -Name $value -ErrorAction SilentlyContinue
if ($result -and ($result.PSObject.Properties.Name -contains $value)) {
Write-Output "$key\$value : $($result.$value)"
}
}
}
}In case this is still not working, use the Device Guard and Credential Guard hardware readiness tool with the -Disable command.
โ Reboot PC
Install VMware Workstation Pro
use the downloaded
exefile - https://support.broadcom.com/group/ecx/downloads (login necessary)Stop and avoid installing
Windows Hypervisor Platform (WHP)(feature) when asked by the VMware Workstation installer - this means Hyper-V has not been fully disabled, try again the entire disabling process.
or install latest VMware Workstation Pro package via Chocolatey
# Chocolatey install + VMware Workstation
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
choco install vmwareworkstation -y
# To upgrade
choco upgrade vmwareworkstation -yDisable power throttling for the VMware executables
# Disables power throttling for the VMware virtual machine executable (64-bit version)
powercfg /powerthrottling disable /path "C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe"
# Disables power throttling for the main VMware Workstation executable
powercfg /powerthrottling disable /path "C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe"VMware tips
Verify the Monitor Mode
To check, open the VM directory in VMware Workstation, locate
vmware.log, and search forMonitor Mode:The
vmware.logshould show โMonitor Modeโ asCPL0instead ofULM(Hyper-V)
Delay the bios boot in a VM
# Add line to .vmx file:
bios.bootDelay = "5000"Last updated
Was this helpful?