Will Windows 11 security features reduce performance? Validate virtualization-based VBS

Understanding VBS roughly

　Virtualization Based Security (VBS) installed in Windows 11 uses the virtualization function known as Hyper-V etc. It is a function that can be used to perform security functions etc. in an isolated and safe environment.

For details on how it works, please refer to the related article below, but I will briefly explain it here.

[Kazuki Kasahara's Ubiquitous Information Bureau] Why does Windows 11 need a TPM and has strict CPU limits?

Simply put, VBS (the function name is "core isolation") prepares an isolated virtual machine called VSM (Virtual Secure Module), which has a higher privilege level than the OS, and security check functions and important It is a function to place various security assets (credential information) etc.

One of the hot topics in Windows 11 is HVCI (Hypervisor-Enforced Code Integrity), which is one of the functions of VBS. The function name is "Memory Consistency". This is a feature that checks driver and code signatures to ensure that only legitimate code is executed.

　In the unlikely event that Windows is infected with malware, it is not possible to access the independent check function VSM, so this check function itself You don't have to worry about being disabled, and you can't access critical system resources on the VSM.

　In other words, it's like a guard who checks the entry and exit of suspicious people at the gate, but this guard is a completely independent existence that is not interfered by the organization to which he belongs, and he has a high position. For this reason, there is no worry that the guard itself will be incapacitated by bribery or the like.

　The confusing thing about this function is the appearance of various abbreviations. In summary, it is as follows.