Running an untrusted .exe file is a massive risk to the user’s security as it could potentially compromise the user’s data or harm the stability of the system.
Poorly written programs can also serve as vulnerability points for hackers to exploit. Many businesses and power-users have a dedicated testing machine or at least a virtual machine specifically for this purpose.
However, Microsoft is now addressing this issue with the introduction of sandbox mode. Every time this feature is enabled, Windows creates a fresh and lightweight (100MB) replica installation of itself (like a virtual machine; as depicted in the image above) in which you can run a new app that could be potentially malicious.
The prerequisites for using this feature are as follows:
- OS: Windows 10 Pro or Enterprise Insider build 18305 or later
- Processor: AMD64 Architecture or an Intel equivalent
- BIOS: Virtualization feature enabled
- RAM: 4GB minimum (8GB recommended)
- HDD: At least 1GB of space (SSD recommended)
- CPU: 2 cores minimum (4 cores with hyperthreading recommended)
Microsoft claims to be using its own hypervisor, and the process allots a separate kernel which doesn’t affect the host. Microsoft has also worked on various challenges one would face when running a virtual machine.
What it does is virtually create an isolated desktop inside your desktop that shares the resources such as power, processing, memory, and graphical hardware acceleration. The program allocates all the resources separately for the sandbox system once opened up and preserves it until you exit the mode.
A smart thing that Microsoft has implemented is the ‘snapshot’ and ‘clone’ technologies, which allow Windows to run the clone sandbox desktop in a separate window, avoiding boot times for your virtual machine. It also maintains the window on a separate cache for easy and quick accessibility until you exit the mode.
Microsoft has also concentrated more on the virtual graphical acceleration module to provide a smooth operating experience. Users who often run graphics intensive programs would find this very useful. However, to take advantage of this, you will have to have a compatible GPU and graphics driver.
The sandbox feature is also said to be aware of the power consumption of the host machine and will optimize the power that the virtual machine consumes, which is very important for users on laptops.
Upon exit, all the data is deleted making it disposable and secure to the user.
Windows Insider members can try it out by downloading the Insider build 18305 or later. However, you will have to be on either Windows 10 Pro or Enterprise and must have opted in to the Windows Insider program to be eligible to try it.
Windows Sandbox is going to be a boon for many as it can lead more people to exercise caution while opening various unknown files thus improving their safety and preventing malware attacks.
You can learn more about Windows Sandbox and its technical details in the official Microsoft blog post.
How to get started with Windows Sandbox?
- Install the Windows Insider build 18305 or newer. (You should be running Windows 10 Pro or Enterprise.)
- Enable Virtualization:
If you’re using a physical machine, ensure the virtualization feature is enabled in the BIOS menu.
If you’re using a virtual machine, on the other hand, use the following PowerShell cmdlet to enable nested virtualization, replacing <VMName> with the name of your virtual machine:
Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true
- Go to Control Panel > Programs > Programs and Features and click on “Turn Windows features on or off”. Scroll down to find Windows Sandbox, tick the check box and select OK. You might be prompted to reboot Windows to complete the process.
- After rebooting, use the Start menu to find Windows Sandbox, run it and allow the elevation.
- Copy the .exe file you wish to run and paste it on the desktop.
- Run the .exe file like you traditionally would.
- When you’re done with your experimentation, you can close the window; all the allocated memory and settings, and ultimately the sandbox itself, will be discarded and deleted.
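The prerequisite list and the feature-enabling step above can also be checked and carried out from an elevated PowerShell session. This is an added example, not from the article or from Microsoft; the optional feature name Containers-DisposableClientVM does not appear on this page and is supplied here as the name Windows uses for Windows Sandbox.

```powershell
# Added example: verify the prerequisites listed in this article, then enable
# Windows Sandbox. Run elevated. The feature name below is not from the article.
$featureName = 'Containers-DisposableClientVM'

$os   = Get-CimInstance Win32_OperatingSystem
$cs   = Get-CimInstance Win32_ComputerSystem
$cpus = @(Get-CimInstance Win32_Processor)
$disk = Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='$env:SystemDrive'"

# VirtualizationFirmwareEnabled reads False once a hypervisor is already
# running, so HypervisorPresent is accepted as evidence as well.
$virtOk = [bool]($cpus[0].VirtualizationFirmwareEnabled -or $cs.HypervisorPresent)
$cores  = ($cpus | Measure-Object -Property NumberOfCores -Sum).Sum

$checks = [ordered]@{
    'Build 18305 or later'         = ([int]$os.BuildNumber -ge 18305)
    'Pro or Enterprise edition'    = ($os.Caption -match 'Pro|Enterprise')
    'AMD64 (x64) processor'        = ($cpus[0].Architecture -eq 9)   # 9 = x64
    'Virtualization enabled'       = $virtOk
    'RAM 4 GB minimum'             = ([math]::Round($cs.TotalPhysicalMemory / 1GB) -ge 4)
    'Free disk space 1 GB minimum' = ($disk.FreeSpace -ge 1GB)
    'CPU cores 2 minimum'          = ($cores -ge 2)
}

foreach ($entry in $checks.GetEnumerator()) {
    $status = if ($entry.Value) { 'OK' } else { 'FAIL' }
    '{0,-30} {1}' -f $entry.Key, $status
}

if (@($checks.Values) -contains $false) {
    Write-Warning 'One or more prerequisites are not met; the feature was not enabled.'
    return
}

# Enable the feature only if it is not already on; reboot manually afterwards.
$feature = Get-WindowsOptionalFeature -Online -FeatureName $featureName
if ($feature.State -ne 'Enabled') {
    Enable-WindowsOptionalFeature -Online -FeatureName $featureName -All -NoRestart
} else {
    'Windows Sandbox is already enabled.'
}
```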
Known issues with Windows Sandbox
- When you start the Sandbox mode for the first time, it will trigger a setup process and spike the CPU and disk activity for a couple of moments
- The start menu on the Sandbox is a bit laggy, and the menu apps are unresponsive
- There is no proper sync between the host and sandbox’s time zones
- Windows Sandbox doesn’t support installers that require a reboot, so testing drivers is a big no-no
- Surprisingly, the Microsoft Store isn’t supported by Sandbox mode
- Support for high dpi displays isn’t managed well by Sandbox mode
- Multi-monitor configs aren’t fully supported by Sandbox mode