wyDay blog  |  Downloads  |  Buy
Support forum
wyDay blog
wyDay Home

Virtualization Based Security in Win 10Answered

There's been plenty of discussion regarding false-positive virtualization detection, and in previous posts, wyDay says they err in favor of avoiding false positives. It's becoming more likely, though, to encounter “false-positives” on the latest devices and Windows versions because, well, they're not really false detections; virtualization is enabled. Even with Hyper-V, Windows Virtualization Platform, Windows Hypervisor Platform and Windows Subsystem for Linux disabled, TurboActivate still detects virtualization as enabled. We can disable Windows' virtualization-based security features--those responsible for this “hidden” hypervisor--but why would we do that? Advanced security features are needed now more than ever.

Steps to disable virtualization-based security include changing BIOS/UEFI settings, deleting registry keys, modifying group policy and other invasive changes. This isn't an acceptable option to work around TurboActivate's virtual machine detection.

How can we get TurboActivate to successfully activate keys without disabling Windows virtual-based security, enabling virtual machine activation or switching to TurboFloat?


Aug 18, '21permalink

You can enable activations on Virtual Machines. That is an option and has always been an option. You can enable it on a per-product key basis, or version wide.

It’s in your hands.

TurboActivate will still accurately detect VMs. And we’ll still always recommend TurboFloat on VMs (for the multitude of reasons described in our help articles).

But, like I said, the power is in your hands. We just provide the information and alternatives for you to make the decisions.

Aug 18, '21, edited Aug 18, '21permalink

Hi Wyatt,

We've run into this with some customers running Windows 11, too.  We use TurboActivate together with verified trials.  We disallow VM activation by default so users cannot trial our software when their Virtualized-Based Security (VBS) is enabled on their Windows OS running on a physical (non-virtualized) machine.  We have received an uptick in support tickets about false positives for trial users.  This hinders onboarding and of course sales.  There may be trial users of our software that just don't write in because they cannot even get their trial to operate.

It seems that Microsoft is headed toward the direction of having this VBS feature built into Windows —and having it enabled — with newly shipped machines.  I do think it's fair to ask that LimeLM's VM detection algorithm take into consideration Microsoft's VBS as it continues to develop.  I don't think that having this feature enabled should mean that the host is virtual.  Is there any way the algorithm can determine the difference between a full-blown VM and a physical machine with VBS turned on?



Sep 23permalink

Virtualized security is still in a VM.

LicenseChest solves this problem and will be out soon.

Sep 23permalink


Just to let you know we are seeing a strong uptick in false positives regarding Windows 11 installs.  Microsoft might have enabled the virtualized security as default in Windows with recent updates and for new installs of the OS.  In any case, it's causing a problem for folks who just want to try the software.

To verify this is the case, we edited the product to allow activations on VMs by default.  It's not ideal as per your recommendation in the LimeLM edit product interface, but the customers need to be able to try our software for a positive out-of-box experience after install.

Please let us know about your ETA with LicenseChest.  Do you have an ETA or some kind of progress report on it that you can share with the community?



Jan 26permalink