Why Is CPU Virtualization Usually Disabled By Default?

There are a lot of reasons you would want to turn on CPU virtualization. Being able to spin a virtual machine opens up all kinds of new potential whether you’re running a Macbook or a high power gaming PC. However, you’ve got to turn on hardware virtualization before you can start spinning virtual machines.

CPU virtualization is usually disabled by default because it protects computers from security risks and improves the overall performance of the PC. You can quickly turn on your computer’s hardware virtualization by entering your BIOS and turning on the right settings. Hardware virtualization allows you to run a virtual operating system inside of your computer for gaming, software testing, and for security reasons.

Let’s take a deep dive into the world of CPU virtualization and find out how you can enable this feature and why it might have been turned off by default.

What is a Virtual Machine (And Why You May Want To Run One)

Screenshot of the VirtualBox webpage a popular method for running VMs
Screenshot of the VirtualBox webpage a popular method for running VMs

A virtual machine is an emulated computer and operating system that runs inside your physical computer. One popular example is Mac users running, or spinning if you’re in the know, a virtual Windows OS to access software that isn’t compatible with Mac.

Virtual machines have tons of applications for everything from gaming to cybersecurity. There’s a few reasons that you should run a virtual machine even if you’ve never used one before.

A virtual machine lets you test drive a new operating system without having to actually install it. This lets you try out every aspect of a new OS without committing to the lengthy and tiring process of installing just for a test drive.

You also get to run any OS you want on your virtual machine. If you’ve ever wanted to run old school Windows for retro gaming, a virtual machine opens these doors and so many more.

You also have some additional utility when you use a virtual machine. You can look at your virtual operating system as a safe and closed environment for testing. This means you can tear apart your virtual registry or open potentially risky downloaded programs without risking your physical machine – assuming that you don’t allow the virtual machine full access to the host machine (i.e. your own computer).

Virtual machines are popular for all these reasons and more, but how can you get your BIOS to let you run one?

What is the BIOS “Hardware Virtualization”/”Virtual Machine Support” Setting

The hardware virtualization setting in the BIOS is what allows you to toggle virtual machines on and off. That might be a bit of an oversimplification, but it is the end effect that these settings are going to have. Whether or not this is enabled by default all depends on your particular system.

Plenty of modern systems have hardware virtualization support, although you often need to change a quick setting in your BIOS. You’ll then be able to run a virtual machine without making any special setting changes in your computer.

However, this varies by manufacturer, model, and even the year your device was made. You might have a brand new computer, but you’ll still need to go in and toggle hardware virtualization on and off if you want to run a virtual machine.

Why is CPU Virtualization Disabled by Default?

The SVM virtualization option is disabled by default on my AMD Ryzen build
The SVM virtualization option is disabled by default on my AMD Ryzen build

By this point you might be wondering why CPU virtualization is disabled by default. It might seem like it just makes more sense to leave this feature on. Your average user isn’t going to notice it and the people who use hardware virtualization are going to appreciate the convenience.

However, there’s some very important reasons why CPU virtualization is typically disabled for most machines. These come down to security and performance.

Security First By Design

There’s one very important reason why hardware virtualization is disabled on all machines by default. This is a security breach known as Blue Pill.

Blue Pill gets its name from The Matrix. Taking the Blue Pill means staying in the fake reality where the machines run everything. The Blue Pill exploit for computers sets up a minimal virtual machine on the infected computer which tricks users into thinking nothing has changed while giving hackers total control over a machine.

This exploit was discovered in 2008 and ever since then it’s been common from machines to ship with CPU virtualization turned off by default. If CPU virtualization is turned off, hackers can’t get the Blue Pill exploit working.

There are other cybersecurity risks, attacks, and hacks that all depend on hardware virtualization being turned on. Turning on this feature does put your computer at some additional risks, but you can mitigate the use by being just as good at cybersecurity as you are at setting up a virtual machine.

A few basic tips to protect your computer include setting up antivirus software and a strong firewall, never opening suspicious files, websites, or programs, and making sure you do routine malware sweeps on your PC.

Optimizing Performance for the “Average” User

CPU virtualization is also turned off because it can create performance issues. It takes a lot of computing power to run a virtual machine. This creates a lot of demand on your PC which can limit the overall performance that you can get out of software and games.

Your average user probably won’t be getting much out of a virtual machine. This is something of a specialty feature. Most manufacturers leave this feature turned off by default in order to free up any additional processing power four things that average users tend to focus on such as work, gaming, and other common processing tasks.

Turning on Virtual Machine Support On Your Computer

Turning on the virtual machine capabilities for your PC is actually fairly straightforward. In most cases, all you’re going to need to do is boot into the BIOS to make a few quick settings changes. This process is very straightforward and can be done in just a few minutes.

Challenges start to pop up when you have a second hand PC. The previous owner might have made some tweaks here and there that you need to compensate for. We’re also going to go over how you can turn on Virtual hardware virtualization for both Mac and Linux operating systems.

BIOS (Windows)

The SVM Mode CPU Virtualization option within an Asus motherboard on the AMD platform
The SVM Mode CPU Virtualization option within an Asus motherboard on the AMD platform

Enabling hardware virtualization on a Windows machine is very easy. The tricky part here is the fact that hardware virtualization goes by many names depending on the particular hardware you’re using. You can follow this guide to find the correct settings to turn on.

If you want to eliminate the risk of any error, check out your motherboard’s manual before turning on hardware virtualization. This will list the specific names of the features that you need to turn on. Remember, the motherboard user manual is the single most important, and the single most underutilized, tool that comes with your PC.

  1. Reboot your PC
  2. Press Delete, Escape, F1, F2, or F4 several times while your computer is booting
  3. Your BIOS might have a different key you need to press in order to boot into the BIOS settings menu. This key will either be listed in your motherboard’s manual or it might appear on the bottom of the screen during a regular boot
  4. Find your BIOS CPU settings which are often under the “Advanced” section. These settings can be called Chipset, Processor, or Northbridge
  5. Enable your hardware virtualization settings, which could be listed as VT-x, AMD-V, SVM, or Vanderpool
  6. Enable Intel VT-d or AMD IOMMU if they are available
  7. Save your changes
  8. Reboot your PC

Depending on the exact type of virtualization you want to run, you might then need to search for “Turn windows features on or off” and enable “Virtual Machine Platform” and/or “Windows Hypervisor Platform”:

Two Windows features for Virtualization that you may need to enable
Two Windows features for Virtualization that you may need to enable

Mac

Mac users have it lucky when it comes to enabling virtual machines. Hardware virtualization is enabled by default for all modern MacBooks. You shouldn’t have to turn on any settings and can cut right to installing the software you need to run virtual machines.

However, along the way you might have accidentally disabled hardware virtualization. The previous owner could have also changed the settings to turn off hardware virtualization. This one quick thing you can do to reset the settings on your MacBook.

Your Mac’s NVRAM and PRAM record all of the system settings for your Mac. If you can’t get a virtual machine running, you can reset your system settings by following these steps.

  1. Restart your Mac
  2. Hold Option, Command, P, and R for 20 seconds
  3. Your NVRAM and PRAM will be reset
  4. Remember to change any system settings, like volume and brightness, that will also be reset to their defaults

Linux

If you’ve been a Linux user for any amount of time, you’re not going to be surprised by what we’re about to say. How your machine enables virtual machines depends entirely on the specific Linux distro that you’ve installed as well as the hardware your machine is running. You’ll likely need sudo privileges and some command line, or terminal, commands to get things running.

The good news is, you can follow the exact same steps we used to turn on hardware virtualization in Windows to turn on the same features on your Linux machine. You are then free to download VMware, VirtualBox, or the ever-popular Kernel-based Virtual Machine and start spinning!

cropped A picture of me Tristan
About Tristan Perry

Tristan has been interested in computer hardware and software since he was 10 years old. He has built loads of computers over the years, along with installing, modifying and writing software (he's a backend software developer 'by trade').

Tristan also has an academic background in technology (in Math and Computer Science), so he enjoys drilling into the deeper aspects of technology.

Tristan is also an avid PC gamer, with FFX and Rocket League being his favorite games.

If you have any questions, feedback or suggestions about this article, please leave a comment below. Please note that all comments go into a moderation queue (to prevent blog spam). Your comment will be manually reviewed and approved by Tristan in less than a week. Thanks!

Leave a comment