While configuring virtual machines, users may sometimes encounter an error message stating that “this host does not support ‘Intel EPT’ hardware-assisted MMU virtualization.” This issue can be frustrating but is not uncommon. Some hosts do not support particular virtualization technologies.
- Hardware-assisted MMU virtualization allows users to run multiple OS and their applications/programs on a single system.
- The error is caused by the outdated system BIOS or outdated virtualization platform, processor incompatibility, or active antivirus or firewall.
- Some alternatives, such as shadow paging or para-virtualization, can be used if your system is non-EPT, or you can try upgrading your system’s hardware. Also, updating BIOS, deactivating firewall/antivirus, turning off Virtualization-Based Security, and stopping Hyper-V services are potential fixes for the error.
What Does The Error “This Host Does Not Support ‘Intel EPT’ Hardware-Assisted MMU Virtualization” Mean?
When a host system is unable to handle Intel EPT hardware-assisted MMU virtualization, it signifies that the host system lacks the hardware capabilities required to effectively transform virtual addresses for virtual machines (VMs) to physical addresses.
To boost performance and decrease overhead, Intel EPT offloads the operation of memory virtualization to the hardware. The host is forced to use software-based address translation methods without EPT support, which might result in the following:
- Additional overhead because the hypervisor has to perform page table lookups and address translations for each memory access increases CPU usage and reduces performance.
- Compatibility issues, resulting in decreased performance or restricted functioning of particular virtualization capabilities.
- Scalability gets limited if virtual guest addresses cannot be effectively mapped to host physical addresses, which would reduce resource utilization and flexibility.
How To Fix Intel EPT Support Error
Here is a list of potential methods to solve the irritating error.
Enable VT-x And EPT In BIOS Settings
To begin with, check if VT-x (Virtualization Technology) and EPT are turned on in your BIOS settings if you receive the error message. EPT allows direct access to physical memory in virtualized systems, whereas VT-x provides CPU virtualization.
Here are the steps to enable VT-x and EPT in BIOS:
- First, restart your computer to access the BIOS settings to turn on VT-x and EPT.
- As per your system setting, press the appropriate key during boot up: anyone of the F2, F10, or Del keys. The recommended approach may change depending on your system’s manufacturer, type, or model.
- Now, find the VT-x setting in the BIOS settings and turn it on.
- Next, find and enable the EPT setting.
- Leave the BIOS settings after saving modifications.
Restart your computer once more to check if this method eliminated the error.
Also Read: How To Reset BIOS
Update BIOS Firmware
Hardware-assisted virtualization technology like EPT may have problems if the BIOS firmware needs to be updated. To support EPT, you must ensure your computer’s BIOS firmware is updated. This helped fix the issue for us.
Here is how to update BIOS:
- Open your browser and go to Intel’s website.
- Download the most recent BIOS firmware for the model of your machine.
- Go to the downloads or where you have downloaded the setup and install it by following the on-screen instructions.
Restart your computer when the update finishes installing, then configure the virtual machine.
Check Processor Compatibility
Some processor models don’t support Intel EPT. Before attempting to use EPT, ensure your CPU is compatible.
If you are unaware, go to Intel’s website and search for your processor model to check for compatibility. You might need to upgrade your CPU or use a different virtualization technology if your processor does not support EPT.
Update The Virtualization Platform
Ensure your virtualization platform supports EPT and is updated if you’re using VMware or Hyper-V. EPT and other hardware-assisted virtualization technologies are necessary for the best performance on most virtualization platforms.
Sometimes, a system or host doesn’t support EPT. To find out if EPT is supported and whether any specific configurations are needed, check the documentation of your virtualization platform.
Disable Antivirus And Firewall
As per our testing, antivirus programs and firewall configurations can cause interference with virtualization technologies like EPT and can make the “this host does not support ‘Intel Ept’ hardware-assisted MMU virtualization” error appear. To configure your virtual computer, temporarily turn off your firewall and antivirus programs.
Now, try to enable firewall and antivirus settings with some altered configurations to make virtualization technologies operate properly.
Also Read: How To Remove Malware And Viruses From PC?
VMware Workstation Pro cannot run on a Windows host with enabled Hyper-V. It would be best to deactivate Hyper-V in Windows Optional Features to resolve this problem.
Following are the steps to disable Hyper-V:
- Access Control Panel in your system.
- Go to View by and choose Category.
- Then jump to Programmes and then Programmes and Features.
- On the left, click Turn Windows features on or off.
- Uncheck the boxes next to Virtual Machine and Windows Hypervisor Platform.
- Turn off the Hyper-V checkbox if it appears instead of these two, and click OK.
- Now, to apply changes to the system, restart it.
The error, for sure, will resolve by this method.
Stop All Hyper-V Services
Your system might be running some Hyper-V-related services if VMware is not starting even if you have disabled Hyper-V and it displays the same error message.
Here’s how to shut off any active Hyper-V services:
- In the Windows search box, enter run and click on Run from search results.
- Now type services.msc, then hit OK.
- You can find all the Hyper-V services in the Services Manager app.
- Deactivate all the Hyper-V services by right-clicking on them, and you will find the option.
When the system boots up, the services with the Automatic start setting start up. Change any Hyper-V service’s startup type from Automatic to Manual if it is currently set to Automatic to prevent the service from starting on its own when your system boots up. To do this, follow the steps below:
- Right-click the automatically running Hyper-V service and choose Properties.
- From the Startup type drop-down menu on the General tab, select Manual.
- Choose Apply and then click on OK to save changes.
Now restart your system to apply changes.
Disable Virtualization-Based Security (VBS)
Our findings indicate that VBS technology can also trigger the issue. You won’t be able to use VMware Workstation Pro if your Windows host system has VBS activated.
Following are the steps to determine whether VBS is enabled on your system if you are not sure about it:
- Type System Information into Windows Search and press Enter.
- From the list of results, open System Information.
- Choose System Summary from the left menu.
- View the VBS status on the right side by scrolling down.
Turn Off VBS
You need to turn off the VBS technology if it is currently active.
Here’s how to turn it off:
- Open the Run application.
- Type command gpedit.msc in the Run box, and hit OK. The Local Group Policy Editor will launch after you do this.
- Expand the branch on the left called Computer Configuration.
- Navigate to Administrative Templates.
- Click on System and then Device Guard.
- Double-click the Virtualization-Based Technology on the right side and opt for Disabled.
- Now restart your system to apply changes.
Create A Backup
Accessing the Local Group Policy Editor is impossible when using the Home edition. However, you can turn off VBS using the Registry Editor. Windows Registry is the hierarchical database of the Windows operating system.
Your system could experience serious issues due to any mistakes you make when editing the Registry. Before beginning, you should create a backup of the Registry and system restore point.
Follow these steps to create a backup:
- Open the Run box again from Windows search and type Regedit in it.
- Click OK and then Yes when the UAC prompt appears. By doing this, you will see the Registry Editor window.
- Copy and paste this path: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard into the Registry Editor’s address bar.
Create EnableVirtualizationBasedSecurity Value
Choose the DeviceGuard subkey on the left and look for EnableVirtualizationBasedSecurity Value on the right.
If not, create it yourself using the instructions below:
- Right-click on the blank area.
- Navigate to New and opt for DWORD (32-bit) Value.
- Rename the new Value by EnableVirtualizationBasedSecurity, and you will find the option by right-clicking on it.
- Right-click it once more and choose Modify.
- Its Value Data has to be 0. If not, type 0 into the Value Data field and press OK.
- Next, copy and paste the path: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa into the Registry Editor’s address bar, and hit Enter.
Create LsaCfgFlags Value
The LSA subkey must be chosen on the left, and ensure that the LsaCfgFlags Value is on the right. If not, manually create a DWORD (32-bit) Value using the above-given instructions, and rename it to LsaCfgFlags.
LsaCfgFlags should have a value data of 0. Check the Value Data by right-clicking on it and choosing Modify if the value is not 0. Put 0 in the Value Data field, then click OK.
To properly implement changes, shut the window now and restart your computer. It will surely solve the error!
Alternatives For Non-EPT Supported Hosts
There are a few different strategies and technologies that can act as alternate sources in getting over the limitations of non-EPT-supported hosts:
It is a software-based address translation mechanism. For each guest virtual machine (VM), the hypervisor keeps a shadow page table, enabling it to translate addresses on behalf of the guest. Shadow paging offers a viable alternative for non-EPT-supported hosts, even though it adds overhead due to software involvement.
MMU virtualization does not require hardware support if you use this alternative method. Guest VMs explicitly hyper-call the hypervisor for memory management tasks under para-virtualization because they know the virtualization layer. This method can perform better than complete hardware virtualization, even on non-EPT-supported hosts.
Organizations that rely substantially on virtualization technologies should upgrade the host hardware to a platform that supports Intel EPT. Organizations can profit from the performance and scalability provided by hardware-assisted MMU virtualization by investing in modern processors that include EPT.
Virtualized systems have revolutionized performance, scalability, and security by shifting memory virtualization to the hardware level with Intel EPT. However, some limitations exist, such as your system not supporting Intel EPT hardware-assisted MMU virtualization.
Fortunately, alternative approaches like shadow paging and para-virtualization offer viable solutions to lessen these restrictions. We also explained possible solutions to eliminate the “this host does not support ‘Intel Ept’ hardware-assisted MMU virtualization” error.
Organizations can use these methods to improve resource usage and performance and should consider upgrading their hardware to EPT-compatible platforms.
Common Questions Answered
Activating Virtualize AMD-V/RVI or Intel VT-x/EPT option in VMware can enable Nested Virtualization. However, for this, your CPU must support hardware-assisted virtualization. You can turn on hardware-assisted virtualization through your computer’s BIOS.
The host’s reliance on software-based address translation may result in additional overhead, leading to decreased performance and higher CPU utilization.
Alternative options for hosts that do not support Intel EPT hardware-assisted MMU virtualization, such as shadow paging, para-virtualization, and hardware upgrades are available.
[Errors Troubleshooting Expert]
Arsalan Shakil (aka GuyThatDoesEverything on YouTube) is a PC Tech Enthusiast and Electronic Geek. With over 10+ years of experience in Electronics, he then decided to explore Software Engineering to design embedded products and automate existing hardware solutions.
When he started tearing down old cameras to understand how they worked, he was shocked (literally, when he got zapped by a flash discharge capacitor), giving him the power (debatable) to fall in love with videography/photography. He also started making some fun videos that later became YouTube tech reviews.
- 10+ years of experience in Electronics design, embedded solutions, and prototyping
- Majored in Software Engineering
- Research paper publication in IEEE for Embedded Military Uniform & LoRa WAN wireless technology
- Specialized in IoT Solutions
- PC Enthusiast & PC Modder
In his local region, he’s known to expose cheap PSU brands, often claiming fake certification or false claims on the box. He’s a true nerd and needed some friends in his life. Then he met some guys who work at Tech4Gamers, and they also came out to be equal nerds who suggested he join Tech4Gamers as a Hardware Expert.