A data processing system with technology to secure a VMCS comprises random access memory (RAM) and a processor in communication with the RAM. The processor comprises virtualization technology that enables the processor to (a) execute host software in root mode and (b) execute guest software from the RAM in non-root mode in a virtual machine (VM) that is based at least in part on a virtual machine control data structure (VMCDS) for the VM. The processor also comprises a root security profile to specify access restrictions to be imposed when the host software attempts to read the VMCDS in root mode. Other embodiments are described and claimed.