Windows 10 v1903/19H1 and Windows Server 2019 v1903/19H1 will hang or BSOD during power-on when vIOMMU is enabled
Article ID: 316573
Updated On:
Products
VMware Desktop Hypervisor
VMware vSphere ESXi
Issue/Introduction
Symptoms:
During installation or in-place upgrade to v1903/19H1 releases of Windows 10 or Windows Server 2019, the guest will hang (at the windows Logo screen) or BSOD.
During installation or in-place upgrade to v1903/19H1 releases of Windows 10 or Windows Server 2019, the guest will hang (at the windows Logo screen) or BSOD.
Environment
VMware Workstation Pro 15.x (Windows)
VMware vSphere ESXi 6.7
VMware Fusion 11.x
VMware vSphere ESXi 6.7
VMware Fusion 11.x
Cause
This is a known issue in v1903/19H1 of both Windows 10 and Windows Server 2019 that first appeared in build 18362. VMware is collaborating with Microsoft on a fix and Microsoft has published KB4497935 to resolve this issue
Customers who meet all of the following criteria are affected:
If you are affected, we recommend delaying adoption of v1903/19H1 until after patch is available from Microsoft.
Customers who meet all of the following criteria are affected:
- Using VMware Cloud on AWS, Sphere 6.7 or later
- VM is on hardware version 14 or later
- VM is enabled with vIOMMU or "Virtualization Based Security" (VBS), regardless if VBS is enabled in Windows
- Customer is attempting to install or perform in-place upgrade to v1903/19HA releases of Windows 10 or Windows Server 2019
If you are affected, we recommend delaying adoption of v1903/19H1 until after patch is available from Microsoft.
Resolution
To avoid this issue, power-off VM and deselect option "Virtualization Based Security" (VBS) and disable the vIOMMU in vSphere VM editor. These options are only available on vSphere 6.7 or later and VMs with hardware version 14 or later.
To deselect the option "Virtualization Based Security" (VBS) and disable the vIOMMU:
Workaround:
To workaround this issue, apply windows update KB4497935 to OS build 18362.145. Or use Microsoft new updated ISO image of Windows 10 v1903 or Windows Server, v1903(OS build number 18362.295) on Visual Studio on Aug 2019, which contain the fix of this issue.
If you do not want to apply this update, the following optional workaround steps would allow use of VBS. However, performing an update to Windows OS after enabling VBS may cause this issue to reoccur.
To deselect the option "Virtualization Based Security" (VBS) and disable the vIOMMU:
- Ensure that the virtual machine is shutdown and is powered off.
- Right-click on the virtual machine.
- Click Edit Settings... to open the Virtual Machine Properties window.
- Click the VM Options tab.
- Click on VMware Tools
- Uncheck Virtualization Based Security
- Click OK
Workaround:
To workaround this issue, apply windows update KB4497935 to OS build 18362.145. Or use Microsoft new updated ISO image of Windows 10 v1903 or Windows Server, v1903(OS build number 18362.295) on Visual Studio on Aug 2019, which contain the fix of this issue.
If you do not want to apply this update, the following optional workaround steps would allow use of VBS. However, performing an update to Windows OS after enabling VBS may cause this issue to reoccur.
- Apply above Resolution on powered-off VM.
- Fully install or upgrade guest os without enabling VBS in vSphere
- Power off VM, enable "Expose hardware assisted virtualization to guest" by:
- Right-click VM
- Edit Settings
- Under Virtual Hardware, expand CPU section
- Check the box for "Expose hardware assisted virtualization to the guest OS"
- Power on VM, in the Microsoft guest OS, enable "Hyper-V" feature either PowerCLI or Command line (defer to Microsoft for additional options), then reboot guest OS
- Power off VM, then enable VBS for the VM in vSphere.
Feedback
Yes
No
Powered by
