/// <summary>
/// Checks if Virtualization Based Security (VBS) is enabled
/// </summary>
/// <returns>TRUE if enabled, FALSE otherwise</returns>
bool IsVbsEnabled() {
HKEY hKey;
DWORD dwValue = 0;
DWORD dwType = REG_DWORD;
DWORD dwSize = sizeof(DWORD);
bool isEnabled = false;
// Open the registry key
if (RegOpenKeyEx(HKEY_LOCAL_MACHINE,
TEXT("SYSTEM\\CurrentControlSet\\Control\\DeviceGuard"),
0,
KEY_QUERY_VALUE,
&hKey) == ERROR_SUCCESS) {
if (RegQueryValueEx(hKey, TEXT("EnableVirtualizationBasedSecurity"), NULL, &dwType, (LPBYTE)&dwValue, &dwSize) == ERROR_SUCCESS) {
if (dwValue == 1) {
printf("Virtualization Based Security is enabled.\n");
isEnabled = true;
}
else {
printf("Virtualization Based Security is disabled.\n");
isEnabled = false;
}
}
else {
printf("Couldn't read registry key, vbs must be disabled\n");
isEnabled = false;
}
RegCloseKey(hKey);
}
else {
printf("Error accessing registry key.\n");
isEnabled = false;
}
return isEnabled;
}