If you every attended any of my security talks i talk about the risks of surfacing the web or installing software you not sure of… Well Microsoft gave us a gift this week on the windows 10 Beta Build 18305 they have introduced an great new feature Windows Sandbox !
Windows Sandbox is a new lightweight desktop environment tailored for safely running applications in isolation.
How many times have you downloaded an executable file, but were
afraid to run it? Have you ever been in a situation which required a
clean installation of Windows, but didn’t want to set up a virtual
machine?
At Microsoft, we regularly encounter these situations, so we
developed Windows Sandbox: an isolated desktop environment where you can
run untrusted software without the fear of lasting impact to your
device. Any software installed in Windows Sandbox stays only in the
sandbox and cannot affect your host. Once Windows Sandbox is closed, all
the software with all of its files and state are permanently deleted.
Windows Sandbox has the following properties:
- Part of Windows – everything required for this feature ships with Windows 10 Pro and Enterprise. No need to download a VHD!
- Pristine – every time Windows Sandbox runs, it’s as clean as a brand-new installation of Windows
- Disposable – nothing persists on the device; everything is discarded after you close the application
- Secure – uses hardware-based virtualization for
kernel isolation, which relies on the Microsoft Hypervisor to run a
separate kernel which isolates Windows Sandbox from the host - Efficient – uses integrated kernel scheduler, smart memory management, and virtual GPU
To install Windows Sandbox, go to Settings > Apps > Apps & Features > Programs and Features > Turn Windows Features on or off, and then select Enable Windows Sandbox.
To start Windows Sandbox, open the Start menu, enter Windows Sandbox and then select it.
For more info and details go here