Microsoft's Windows Sandbox lets you run suspicious apps in isolation

midian182

midian182

Posts: 9,778   +121
Staff member
Something to look forward to: Good news for anyone who has ever downloaded a suspicious executable file but didn’t want to set up a virtual machine to run it safely: Microsoft has announced a new feature called Windows Sandbox that creates a temporary desktop environment that isolates untrusted software, meaning it can’t affect your PC.

Microsoft said the feature, which was previously known as InPrivate Desktop, would arrive in Windows 10 19H1 by early next year and be part of the Windows 10 Pro and Enterprise editions. Any software its runs stays only in the sandbox. Once it is closed, all the software and its files and state are permanently deleted.

While the feature doesn’t require the setting up of a virtual machine, virtualization capabilities need to be enabled in the BIOS. Users must also have at least 1GB of free disk space to run the sandbox.

The sandbox builds on technologies used within Windows Containers, which were designed to run in the cloud. Microsoft integrated this within Windows 10, adding features that made it more suitable for running on devices and laptops.

“One of the key enhancements we have made for Windows Sandbox is the ability to use a copy of the Windows 10 installed on your computer, instead of downloading a new VHD image as you would have to do with an ordinary virtual machine,” explains the company.

The sandbox also uses a new technology called “integrated scheduler,” which allows the host to decide when the sandbox runs.

Windows 10 Pro and Enterprise users will be able to try out the feature once Microsoft ships build 18305.

Full prerequisites:

  • Windows 10 Pro or Enterprise build 18305 or later
  • AMD64 architecture
  • Virtualization capabilities enabled in BIOS
  • At least 4GB of RAM (8GB recommended)
  • At least 1 GB of free disk space (SSD recommended)
  • At least 2 CPU cores (4 cores with hyperthreading recommended)

Permalink to story.

https://www.techspot.com/news/77934-microsoft-windows-sandbox-you-run-suspicious-apps-isolation.html

 
HA HA! This is their attempt at increasing Edge usage! No one will use this and then download, and install, a browser when they will have to do the same thing the next time they use it.
 
There is this suspicious and really old app that comes with Windows 10, but I think Microsoft forgot about it; named "mmc.exe". I think I'll run that in sandbox mode.
 
OneDayBefore said:
HA HA! This is their attempt at increasing Edge usage! No one will use this and then download, and install, a browser when they will have to do the same thing the next time they use it.
Click to expand...
This had nothing to do with Edge. If it's related to Edge and they wanted to use it improve Edge users, it would not be limited to Pro and Enterprise users only. This is seemingly based on their Hyper-V technology that isn't even available for Home users.
 
  • Like
Reactions: OortCloud
cliffordcooley said:
LeroN said:
It's nothing new. There is such application for W7/10.
www.sandboxie.com
Click to expand...
Which is where it should have stayed. We don't need yet another application bundled in the OS. Windows 10 is bloated way too much as it is.
Click to expand...
Reading more into it, apparently it's not bundled or turned on by default. You will have to manually open up "Windows Features," check it, let it download, and then it will be installed. So doesn't seem too bad. Anyways, as far as I am concerned, most power uses seem to be excited about this feature. So I don't see that being a bad thing as it is useful and having it built-in rather than relying on Sandboxie ($20 per license and cannot be use for commercial) is neat as well.
 
  • Like
Reactions: Eldritch
Silvernine said:
Reading more into it, apparently it's not bundled or turned on by default. You will have to manually open up "Windows Features," check it, let it download
Click to expand...
Everything available through Windows Features is stored on your local drive waiting to be installed. I don't like it and never have but that is the way it is.

Used to, you could install and leave features to be installed on demand. And if you ever wanted those feature turned on. You needed the install disk because that is where the install files were stored. Now the install files are all extracted to disk and then installed from that location. So whether you want those features or not, the install files are still stored on disk.

Microsoft does the same for hardware drivers and not just one version. They store every version of driver ever installed in a driver repository. When your driver is a couple hundred Megbyte in size. A half dozen driver updates will take over a Terabyte in driver storage. This is storage for installing drivers not usage.
 
LeroN said:
It's nothing new. There is such application for W7/10.
www.sandboxie.com
Click to expand...
It is my most heavily used program on XP and W7. However, by the time 10 came around, I noticed a lot of things no longer work quite properly. I have encounter quite a few small programs that just refused to run in it even with a sandbox with default settings. It doesn't help that Invincea does not work on it as often as the old developer did. Hell, it currently has does not play well with Windows 10 1809 but at the very least, a beta recently came out to get it back up to par in the forums. Therefore, I don't think that it's the go to these days for reliable sandboxing.

On the other hand, it's still one of my purchases that I never regret. I have the lifetime license as well.
 
Some unfounded negativity is there in the comments. Its an nice addition and will lead to more mainstream usage of Sanboxing. Those who dont like can always use Sandboxie?
Same criticism was there for and to some extent, still is, for Windows Defender. While you can say that Defender can not stand against likes of Bitdefender and Kaspersky but its pretty solid now and is significantly better than no AV or some off market AVs made by small manufacturers.
All in all, its an welcome addition and the doom and gloom is unjustified.
 
But can you run Windows itself in a sandbox??? What about Microsoft's reviled Edge browser or its successor, whatever it may be called? No joke! Sandbox the browser!
 
Eldritch said:
Some unfounded negativity is there in the comments. Its an nice addition and will lead to more mainstream usage of Sanboxing. Those who dont like can always use Sandboxie?
Click to expand...
I agree a really useful feature. I never got on with SandBoxie so use a VirtualBox with an old XP license. Its really useful when you want to try something out or are not sure about the authenticity of something, or if you want to run something just once then throw away. So to have it running the same Win10 as the host using the same license sounds great.
 
Today's morning I got another update for my W10Pro and it asked me to uninstall Sandboxie with no choice otherwise it didn't process updating.
 
You must log in or register to reply here.

Similar threads

midian182
Fallout TV show secures second season after stellar debut
Replies
19
Views
274
user478318
user478318
TS Dealmaster
  • Locked
Get a Microsoft Office lifetime license for $29, no subscription required
Replies
0
Views
986
TS Dealmaster
TS Dealmaster
TS Dealmaster
  • Locked
Microsoft Office deal is down to $49 for a lifetime license
Replies
0
Views
3K
TS Dealmaster
TS Dealmaster

Latest posts

Back