Table of contents
Collapse the table of content
Expand the table of content


Last Updated: 1/24/2017

Specifies the code integrity that will be enforced for the hypervisor, which is a layer of software under the OS that runs virtual machines.

Important You must first use DISM to add the virtualization-based security features before you apply this Unattend setting. For more information, see Add the virtualization-based security features by using DISM in Credential Guard.




Code integrity for the hypervisor is not enabled.

This is the default OS value.


Code integrity for the hypervisor is enabled.

Parent Hierarchy

Microsoft-Windows-DeviceGuard-Unattend | HypervisorEnforcedCodeIntegrity

Valid Configuration Passes


Applies To

Windows 10 Enterprise

Windows Server 2016

For a list of the Windows editions and architectures that this component supports, see Microsoft-Windows-DeviceGuard-Unattend.

Send comments about this topic to Microsoft

© 2017 Microsoft