Something to look forward to: Good news for anyone who has ever downloaded a suspicious executable file but didn’t want to set up a virtual machine to run it safely: Microsoft has announced a new feature called Windows Sandbox that creates a temporary desktop environment that isolates untrusted software, meaning it can’t affect your PC.

Microsoft said the feature, which was previously known as InPrivate Desktop, would arrive in Windows 10 19H1 by early next year and be part of the Windows 10 Pro and Enterprise editions. Any software its runs stays only in the sandbox. Once it is closed, all the software and its files and state are permanently deleted.

While the feature doesn’t require the setting up of a virtual machine, virtualization capabilities need to be enabled in the BIOS. Users must also have at least 1GB of free disk space to run the sandbox.

The sandbox builds on technologies used within Windows Containers, which were designed to run in the cloud. Microsoft integrated this within Windows 10, adding features that made it more suitable for running on devices and laptops.

“One of the key enhancements we have made for Windows Sandbox is the ability to use a copy of the Windows 10 installed on your computer, instead of downloading a new VHD image as you would have to do with an ordinary virtual machine,” explains the company.

The sandbox also uses a new technology called “integrated scheduler,” which allows the host to decide when the sandbox runs.

Windows 10 Pro and Enterprise users will be able to try out the feature once Microsoft ships build 18305.

Full prerequisites:

  • Windows 10 Pro or Enterprise build 18305 or later
  • AMD64 architecture
  • Virtualization capabilities enabled in BIOS
  • At least 4GB of RAM (8GB recommended)
  • At least 1 GB of free disk space (SSD recommended)
  • At least 2 CPU cores (4 cores with hyperthreading recommended)