Short for micro-hypervisor, a microvisor works with the VT (Virtualization Technology) features built into Intel, AMD and other CPUs to create hardware-isolated micro virtual machines (micro-VMs) for each task performed by a user that utilizes data originating from an unknown source.
The micro-VMs created by the microvisor provide a secure environment, isolating user tasks from other tasks, applications and other systems on the network. Tasks in this case entail the computation that takes place within an application as well as within the system kernel, so the microvisor ensures security at both the application and operating system kernel levels.
How Microvisors and Micro-VMs Ensure Security
With each micro-VM created by the microvisor isolated from other micro-VMs as well as from the operating system as a whole, if the micro-VM is compromised by a user opening, for example, an infected web page, document or spreadsheet, the malware will be destroyed when the micro-VM is shut down, even if the malware installs a rootkit on the micro-VM.
Bromium first launched its microvisor and micro-virtualization technology in 2012 as part of the company’s vSentry product. In July 2015 Bromium announced it had partnered with Microsoft to ensure its microvisor and micro-virtualization technology would be integrated in Windows 10 to help make the operating system “the most secure endpoint solution on the market.”