What is a UEFI Hypervisor?
A UEFI Hypervisor, like our proprietary Soapivisor, is a layer of software that initializes during the boot process, before Windows even starts. It sits between the hardware (CPU/RAM) and the Operating System.
The Ring -1 Advantage
Traditional cheats run in Ring 3 (User Mode) or Ring 0 (Kernel Mode). Anti-cheats also run in Ring 0, giving them a "god's-eye" view of everything else in the kernel.
However, a hypervisor runs in what is colloquially known as Ring -1. This means the hypervisor can control and hide from the OS kernel itself.
Key Stealth Features:
- EPT (Extended Page Tables) Hooking: We can redirect memory reads/writes at the hardware level. When an anti-cheat tries to scan the game memory for changes, the hypervisor shows them a "clean" copy of the memory while the game actually runs the "modified" version.
- VM-Exit Handling: We intercept specific CPU instructions (like CPUID or RDTSC) that anti-cheats use to detect virtualization and return faked, legitimate-looking data.
- Perfect Timing: Our hypervisor compensates for the nanosecond delays caused by virtualization, defeating advanced timing attacks used by top-tier in-house anti-cheats.
Why It Matters
Using a UEFI hypervisor means your cheats are virtually invisible to anti-cheat scanners. They can't see what they aren't allowed to access.
