FIX: VMware is not incompatible with Credential Guard

Ivan Jenic
by Ivan Jenic
Troubleshooting Expert
Passionate about all elements related to Windows and combined with his innate curiosity, Ivan has delved deep into understanding this operating system, with a specialization in drivers and driver troubleshooting. When he's not tackling... Read more
Affiliate Disclosure
VMware is found to be not compatible with Credential Guard
To fix various PC problems, we recommend DriverFix:
This software will keep your drivers up and running, thus keeping you safe from common computer errors and hardware failure. Check all your drivers now in 3 easy steps:

  1. Download DriverFix (verified download file).
  2. Click Start Scan to find all problematic drivers.
  3. Click Update Drivers to get new versions and avoid system malfunctionings.
  • DriverFix has been downloaded by 0 readers this month.

A common error with VMware workstations is when you try to power on the virtual machine on a Windows 10 device though you are greeted with the dreaded Blue Screen of Death when Credential Guard or Device Guard is enabled.

This no doubt makes for a frustrating scenario though the good thing here is that the issue can be remedied easily and effectively. And the easiest and most obvious solution here is to disable Windows Defender Credential Guard.

What to do if VMware is not compatible with Credential Guard

1. Turn of Windows Defender Credential Guard using Group Policy

  1. Launch Group Policy Management Console. Just type Group Policy in the Cortana search box and select Group Policy editor from the search result.
  2. In the Group Policy Editor window, select Computer Configuration > Administrative Templates > System > Device Guard from the options on the left.
  3. You will get to see the Turn On Virtualization Based Security option on the right panel. Double click on it.
  4. This will launch the Turn On Virtualization Based SecurityDisable Turn On Virtualization Based Security if VMware reports incompatibility with credential guard
  5. Click on the Disable option to disable the setting.

Disabling the setting will help if VMware is found incompatible with credential guard

  1. Click on Apply > OK.
  2. Close the Group Policy window as well.

2. Delete Registry setting

Making suitable changes in the Registry will help if VMware is found incompatible with Credential Guard

  1. Open Registry Editor. (Type regedit in the Cortana search box.)
  2. Delete the following registry settings.

HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsDeviceGuardEnableVirtualizationBasedSecurity

HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsDeviceGuardRequirePlatformSecurityFeatures

The usual precautions to be adopted when tinkering with Registry settings are applicable here. It is strongly recommended to back up the Registry before making any changes to it.


3. Delete the Windows Defender Credential Guard EFI variables using bcdedit

VMware not compatible with credential guard? Delete Windows Defender Credential Guard EFI variables using bcdedit

  1. It is an easy process where you just have to type the following commands from an elevated command prompt and press Enter.
  • mountvol X: /s
  • copy %WINDIR%System32SecConfig.efi X:EFIMicrosoftBootSecConfig.efi /Y
  • bcdedit /create {0cb3b571-2f2e-4343-a879-d86a476d7215} /d “DebugTool” /application osloader
  • bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} path “EFIMicrosoftBootSecConfig.efi”
  • bcdedit /set {bootmgr} bootsequence {0cb3b571-2f2e-4343-a879-d86a476d7215}
  • bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO
  • bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} device partition=X:
  • mountvol X: /d
  1. Restart the PC.
  2. There will be a prompt where you will be asked to confirm to disable Windows Defender Credential Guard. Consent to it.

4. Disable Hyper-V

One option when faced with the VMware not compatible with credential guard issue is disabling Hyper-V

  1. You are also likely to get the VMware not compatible with Credential Guard error when Hyper-V is enabled.
  2. To disable Hyper-V, use the following command:
  • bcdedit /set hypervisorlaunchtype off
  1. Restart your PC for the command to take effect.
  2. Also, just in case you need to start Hyper-V again, use the following command.
  • bcdedit /set hypervisorlaunchtype auto
  1. Again, restart the PC.

The above steps should sort things out when VMware is found incompatible with Credential guard.

You will also get more info on this on Microsoft’s official webpage.

Meanwhile, here are some related posts you might want to browse:

This article covers:Topics: