HVCI Bypass Today

This article is for educational and defensive purposes only. Unauthorized bypassing of security features may violate laws and regulations.

The most direct bypass is to simply flip the global flag that tells the hypervisor to enforce HVCI. Inside the kernel (ntoskrnl.exe), there are global variables such as g_CiOptions or g_HvlpVsmEnabled.