u/JCAPER

▲ 117 r/Piracy

I saw a post in another sub saying how to run Hypervisor safely, and in the comments I noticed a lot of misconceptions about it. I made this post to provide a bit of clarification about some points.

This post isn't meant to fearmonger, nor is it meant to tell you everything is fine and you should run it; the point here is to paint a simpler and transparent picture of what Hypervisor is and what it can do, not what it will do. That depends on your trust and if you get it from reliable sources.

TL;DR: Hypervisor gets access to the metal of your PC. That is, it runs below Windows. It essentially gets access to your entire PC; it can do whatever it wants. Windows and antivirus can't stop it. This does not mean that hypervisor is malware; what it means is that if you get a malicious version of it, you're screwed.


Rings

Your PC has basically "rings" of privileges/access. Your PC doesn't just let any piece of code do whatever it wants. There's a hierarchy of trust, and what code can do depends on where it is:

  • Ring 3 - your apps. Games, browsers, etc. They can only ask nicely for things. Denuvo runs here with the game.

  • Ring 0 - the Windows kernel. The OS itself. It controls hardware, memory, everything. Code situated here can do pretty much anything it wants inside Windows.

  • Ring -1 - where hypervisor runs. This runs below the operating system. It can watch, pause, or modify everything above it, including the kernel.

The lower you go, the closer you are to the metal (hardware). The takeaway is this: hypervisor is between Windows and the metal. If hypervisor tricks Windows into thinking it's running in a My Little Pony PC, Windows will believe hypervisor.

Denuvo

Denuvo, to make a very long story very short, is basically software that runs some calculations and expects the results to always be the same. If any of the calculations returns the wrong value, Denuvo knows the game has been tampered with, and doesn't let you run it.

A crack tampers with those files, which is why cracking a Denuvo game is difficult. Crackers need to learn how Denuvo works for each different game, and find out ways to spoof it.

This is something that needs to be done on a game by game basis. One solution will not work for other games.

Well, until hypervisor arrived.

Hypervisor

To make another very long story very short, Hypervisor tricks Denuvo into believing the results are correct, even though they aren't. It basically tells Denuvo "Oh you're such a good boy, you defend the game so well. Oh, your calculations are weird? Returning wrong values? They're actually fine. Now please let the game run."

And Denuvo can do squiggly squat against hypervisor. If hypervisor says that everything is fine, then everything is fine. Denuvo can't even tell that hypervisor is installed and running. Because Denuvo is in Ring 3, and Hypervisor is in Ring -1. And again, even Windows in Ring 0 would have to bend itself to the will of Hypervisor, so never mind some app in Ring 3.

So, is it safe or not?

Depends on your point of view, what you do with your PC and the level of risk you're comfortable with. That's the most honest answer I can give you.

Speaking for myself:

I'm not comfortable with installing such an invasive piece of code on my machine. I've been around the block, I used to download games in the past. I consider myself a tech-savvy person who is careful with what I download and from where. Even then, I caught viruses a few times.

Maybe it was my fault, maybe I wasn't careful enough, but that's not the point. Point is, I caught them, and there aren't guarantees that I won't get some malicious version, even if I'm careful.

If you download a malicious version, there's nothing Windows and antiviruses can do; they won't be able to see it. And if the hacker is worth their salt, they'll make the malware as invisible as possible, so not even you can detect it as you use your machine.

So I prefer not to install such software in the first place.


Final note: this post was made to paint a simple picture of the situation so that people understand what's going on. I wrote a lot of stuff here from memory. Let me know if I got any detail wrong and I'll gladly fix it.

u/JCAPER — 21 days ago
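
The trust relationship described in the Rings section, as an added example that is not part of the original post: on x86, software running above a hypervisor asks the CPU whether one is present through the CPUID instruction, and a hypervisor can intercept that instruction and choose the answer. The function names are illustrative, and GCC/Clang's `<cpuid.h>` is assumed.

```c
#include <stdint.h>
#include <stdio.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>          /* GCC/Clang wrappers for the CPUID instruction */
#define HAVE_CPUID 1
#endif

/* CPUID leaf 1, ECX bit 31 is the "hypervisor present" bit. Physical CPUs
   always report 0; a hypervisor that wants to be seen sets it for guests. */
int hv_bit_set(uint32_t leaf1_ecx) {
    return (int)((leaf1_ecx >> 31) & 1u);
}

/* CPUID leaf 0x40000000 returns a 12-byte vendor signature spread over
   EBX, ECX, EDX (low byte first). Decode it into a C string. */
void hv_vendor(uint32_t ebx, uint32_t ecx, uint32_t edx, char out[13]) {
    uint32_t regs[3] = { ebx, ecx, edx };
    for (int r = 0; r < 3; r++)
        for (int i = 0; i < 4; i++)
            out[r * 4 + i] = (char)((regs[r] >> (8 * i)) & 0xFFu);
    out[12] = '\0';
}

int main(void) {
#ifdef HAVE_CPUID
    unsigned int a, b, c, d;
    char vendor[13];

    if (!__get_cpuid(1, &a, &b, &c, &d))
        return 1;
    if (!hv_bit_set(c)) {
        /* The layer below supplies this answer, so a clear bit means
           "none announced itself", not "none is there". */
        puts("No hypervisor announced (not proof that none is running).");
        return 0;
    }
    __cpuid(0x40000000, a, b, c, d);
    hv_vendor(b, c, d, vendor);
    printf("Hypervisor announced, vendor signature: \"%s\"\n", vendor);
#else
    puts("CPUID is only available on x86.");
#endif
    return 0;
}
```

A set bit is informative; a clear bit is only as trustworthy as whatever sits below the code asking.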