This policy setting determines whether Microsoft Defender Application Guard renders graphics using hardware or software acceleration.
If you enable this setting, Microsoft Defender Application Guard uses Hyper-V to access supported, high-security rendering graphics hardware (GPUs). These GPUs improve rendering performance and battery life while using Microsoft Defender Application Guard, particularly for video playback and other graphics-intensive use cases. If you enable this setting without connecting any high-security rendering graphics hardware, Microsoft Defender Application Guard will automatically revert to software-based (CPU) rendering.
Note:
Be aware that enabling this setting with potentially compromised graphics devices or drivers might pose a risk to the host device.
If you disable or don't configure this setting, Microsoft Defender Application Guard uses software-based (CPU) rendering and won't load any third-party graphics drivers or interact with any connected graphics hardware.
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | SOFTWARE\Policies\Microsoft\AppHVSI |
Value Name | AllowVirtualGPU |
Value Type | REG_DWORD |
Enabled Value | 1 |
Disabled Value | 0 |