Home > Hyper-V, Tips&Tricks > The Hypervisor is not Running !!! Hardware DEP, What is it?!!

The Hypervisor is not Running !!! Hardware DEP, What is it?!!

After the Hyper-V role is installed , When you try to create a new virtual machine, it fails to start with the following error:

The virtual machine could not be started because the hypervisor is not running.

Cause: Hardware virtualization or DEP was disabled in the BIOS.

Resolution: Enable Hardware virtualization or DEP in the BIOS. In some cases, the server needs to be physically shutdown in order for the new BIOS settings to take effect.

What is the DEP ?!!! Data Execution Prevention (DEP) is a set of hardware and software technologies that perform additional checks on memory to help protect against malicious code exploits.

Hardware-enforced DEP marks all memory locations in a process as non-executable unless the location explicitly contains executable code. One kind of malicious code attacks tries to insert and run code from non-executable memory locations. DEP helps prevent these attacks by intercepting them and raising an exception.

Hardware-enforced DEP

Hardware-enforced DEP marks all memory locations in a process as non-executable unless the location explicitly contains executable code. A class of attacks exists that tries to insert and run code from non-executable memory locations. DEP helps prevent these attacks by intercepting them and raising an exception.

Hardware-enforced DEP relies on processor hardware to mark memory with an attribute that indicates that code should not be executed from that memory. DEP functions on a per-virtual memory page basis, and DEP typically changes a bit in the page table entry (PTE) to mark the memory page.

Processor architecture determines how DEP is implemented in hardware and how DEP marks the virtual memory page. However, processors that support hardware-enforced DEP can raise an exception when code is executed from a page that is marked with the appropriate attribute set.

Advanced Micro Devices (AMD) and Intel have defined and shipped Windows-compatible architectures that are compatible with DEP.

Beginning with Windows XP SP2, the 32-bit version of Windows uses one of the following:

·         The no-execute page-protection (NX) processor feature as defined by AMD.

·         The Execute Disable Bit (XD) feature as defined by Intel.

To use these processor features, the processor must be running in Physical Address Extension (PAE) mode. However, Windows will automatically enable PAE mode to support DEP. Users do not have to separately enable PAE by using the /PAE boot switch.

Note Because 64-bit kernels are Address Windowing Extensions (AWE) aware, there is not a separate PAE kernel in 64-bit versions of Windows.
For more information about PAE and AWE in Windows Server 2003, click the following article number to view the article in the Microsoft Knowledge Base:

283037  (http://support.microsoft.com/kb/283037/ ) Large memory support is available in Windows Server 2003 and in Windows 2000

Benefits

The primary benefit of DEP is that it helps prevent code execution from data pages, such as the default heap pages, various stack pages, and memory pool pages. Typically, code is not executed from the default heap and the stack. Hardware-enforced DEP detects code that is running from these locations and raises an exception when execution occurs. If the exception is unhandled, the process will be stopped. Execution of code from protected memory in kernel mode causes a Stop error.

DEP can help block a class of security intrusions. Specifically, DEP can help block a malicious program in which a virus or other type of attack has injected a process with additional code and then tries to run the injected code. On a system with DEP, execution of the injected code causes an exception. Software-enforced DEP can help block programs that take advantage of exception-handling mechanisms in Windows.

 

For more information Check Microsoft KBs

http://support.microsoft.com/kb/912923

http://support.microsoft.com/kb/875352/

http://blogs.technet.com/askcore/archive/2009/02/16/top-issues-for-microsoft-support-for-windows-server-2008-hyper-v-q2.aspx

About these ads
  1. sidney
    July 21, 2010 at 12:02 pm

    Useful!!!

  2. Rajiv Singh Suwal
    July 31, 2010 at 8:14 pm

    For those who are getting this error “the virtual machine could not be started because the hypervisor is not running” while running Virtual Machines on their Windows Server 2008 OR 2008 R2, follow the instruction given here

    http://www.computers.nepalesemap.com/index.php?topic=1554.0

    It helped solve my problem; hope it helps you too

  3. jtiggy@gmail.com
    May 2, 2012 at 10:18 pm

    Nothing I do seems to cure this problem. I have enabled and disabled NX on my AMD and I still get the same error message saying DEP needs to be turned on in the firmware. I have checked and this computer (HP p6000) does have SLATE. The machine was working with Hyper-V but I had some connection problems that required me to shut Hyper-V off and do few other things to get my connections back up and running. This should have been a simple fix. But I am stuck now. Any suggestions?

  4. Faris
    July 18, 2012 at 11:09 am

    after enabling DEP, you have to turn off your computer, restarting your computer is not enough.

    • Mohamed Fawzi
      July 20, 2012 at 7:29 am

      You are right

  5. amol
    February 1, 2013 at 1:41 pm

    thanx My problem was solved

  1. September 8, 2011 at 12:28 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 1,018 other followers

%d bloggers like this: