The Microsoft Windows Sandbox Feature For Testing Suspicious Apps And How To Activate It

0

Microsoft is set to give users more security options as the tech company tries to introduce the Windows Sandbox feature. The feature is set for 19H1(1903) early next year and will be part of Windows 10 Pro and Enterprise Editions.

The Windows sandbox feature creates an “isolated temporary, desktop environment” where users can run potentially suspicious software.

“An isolated, temporary, desktop environment where you can run untrusted software without the fear of lasting impact to your PC” a blog post by Microsoft read, “Any software installed in Windows Sandbox stays only in the sandbox and cannot affect your host. Once Windows Sandbox is closed, all the software with all its files and state are permanently deleted.”

Windows Sandbox Properties

The Windows Sandbox has the following properties;

  • Part of Windows – everything required for this feature ships with Windows 10 Pro and Enterprise. No need to download a VHD!
  • Pristine – every time Windows Sandbox runs, it’s as clean as a brand-new installation of Windows
  • Disposable – nothing persists on the device; everything is discarded after you close the application
  • Secure – uses hardware-based virtualization for kernel isolation, which relies on the Microsoft’s hypervisor to run a separate kernel which isolates Windows Sandbox from the host
  • Efficient – uses integrated kernel scheduler, smart memory management, and virtual GPU

Prerequisites for using the feature

To use the Windows Sandbox feature, you need;

  • Windows 10 Pro or Enterprise build 18305 or later
  • AMD64 architecture
  • Virtualization capabilities enabled in BIOS
  • At least 4GB of RAM (8GB recommended)
  • At least 1 GB of free disk space (SSD recommended)
  • At least 2 CPU cores (4 cores with hyperthreading recommended)

How To Turn on Windows Sandbox Feature

If you satisfy all the above requirements, here is how to turn on the Windows 10 Sandbox feature;

  1. Install Windows 10 Pro or Enterprise, build 18305 or newer
  2. Enable virtualization:
    • If you are using a physical machine, ensure virtualization capabilities are enabled in the BIOS.
    • If you are using a virtual machine, enable nested virtualization with this PowerShell cmdlet:
    • Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true
  3. Open Windows Features, and then select Windows Sandbox. Select OK to install Windows Sandbox. You might be asked to restart the computer.
  4. Using the Start menu, find Windows Sandbox, run it and allow the elevation
  5. Copy an executable file from the host
  6. Paste the executable file in the window of Windows Sandbox (on the Windows desktop)
  7. Run the executable in the Windows Sandbox; if it is an installer go ahead and install it
  8. Run the application and use it as you normally do
  9. When you’re done experimenting, you can simply close the Windows Sandbox application. All sandbox content will be discarded and permanently deleted
  10. Confirm that the host does not have any of the modifications that you made in Windows Sandbox.

LEAVE A REPLY

Please enter your comment!
Please enter your name here