2 min read
Windows sandbox features
Windows Sandbox is an isolated desktop environment where users can run untrusted software without any risk of them having any effects on your computer. Any application you install in Windows Sandbox is contained in the sandbox and cannot affect your computer. All software with their files and state are permanently deleted when a Windows Sandbox is closed.
- You need Windows 10 Pro or Windows 10 Enterprise to use it and will be shipped with an update, no separate download needed.
- Every run of Windows Sandbox is new and runs like a fresh installation of Windows.
- Everything is deleted when you close Windows Sandbox.
- It uses hardware-based virtualization for kernel isolation based on Microsoft’s hypervisor. A separate kernel isolates it from the host machine.
- It has an integrated kernel scheduler and virtual GPU.
Source: Microsoft website
In order to use this new feature based on Hyper-V, you’ll need, AMD64 architecture, virtualization capabilities enabled in BIOS, minimum 4GB RAM (8GB recommended), 1 GB of free disk space (SSD recommended), and dual-core CPU (4 cores with hyperthreading recommended).
What are the people saying
The general sentiment towards this release is positive.
— TechGuy (@AnonTechOps) December 19, 2018
However, a comment on Hacker news suggests that this might not be that useful for its intended purpose: “Ironically, even though the recommended use for this in the opening paragraph is to combat malware, I think that will be the one thing this feature is no good at. Doesn’t even moderately sophisticated malware these days try to detect if it’s in a sandbox environment? A fresh-out-of-the-box Windows install must be a giant red flag for that.”