Hotpatching should be for specific use-case devices, not everything.
Additionally, regarding VBS being a pre-req, any device that has been installed with Win11 22H2 or later has HVCI and VBS enabled by default. You can also enable VBS via the Settings Catalog in Intune, and it's really poor that option wasn't shown in the video at all. Just don't assign it to devices or you'll get a reboot during Autopilot.
So we cannot use Hotpatching for Citrix VMs, for example, because it is not supported by Citrix Hypervisor (VBS requires nested virtualization support).
Right?
- VishalBajaj, Mar 03, 2025 (Microsoft)
VBS does not require nested virtualization support. It can work in Guest mode too. But you will need a hypervisor that can:
1) Expose Virtual Trust Levels (VTLs) interfaces (which do not exist other than in Hyper-V), OR
2) Create a VM with nested virtualization support
There is no need to create a nested VM in the VM.
- IT_SystemEngineer, Mar 04, 2025 (Brass Contributor)
Okay. For example:
VMware ESXi 8.0 Hypervisor >> Win11 VMs >> Citrix 7 VDA LTSR >> GPO "Turn On VBS" = Enabled
With this configuration, we get the following error during gpupdate:
{F312195E-3D9D-447A-A3F5-08DFFA24735E} failed due to the error listed below.
A hypervisor feature is not available to the user.
Why do we get this error?
Is it because the option "Virtualization Based Security" = Disabled in vSphere?