New Windows Sandbox Creates a Safe Space to Test Shady EXEs
The internet is full of wonder and the accumulated knowledge of humanity, but it’s also full of malicious software and scams. That’s why Windows users have always been warned not to launch shady executables. You’re not going to open virus.exe, but sometimes it’s not so clear. Windows will soon have a tool to help you find out what that questionable EXE file does. It’s called Windows Sandbox, and it’s coming next year to select versions of the OS.
Some more knowledgeable Windows users have long used virtual machines to test suspicious files, but that requires a lot of setup and forethought. Windows Sandbox is like a streamlined virtual machine, and it’s built into Windows 10. Or rather, it will be in a few months.
To run Windows Sandbox, your PC will need to be on Windows 10 Pro or Enterprise (build 18305 or later) with a 64-bit dual-core CPU, at least 4GB of RAM, and 1GB of disk space. However, Microsoft recommends a quad-core CPU, 8GB of RAM, and an SSD. You also need virtualization enabled at the BIOS level.
With those boxes checked, the machine will be able to create a small 100MB Windows 10 installation that is completely isolated from your real operating system via Microsoft’s Hypervisor to run a separate kernel. This is a “hybrid” approach that doesn’t need a full OS image like a regular virtual machine. Instead, it uses the files of the host OS to dynamically generate pristine files each time you open the Sandbox.
Using the Sandbox, you can open files, infect it will all sorts of scary malware, and then shut it down. The Sandbox will reset itself and clear whatever changes you’ve made. Ideally, you’ll be able to watch what the executable file does to make sure it’s not malware. If it doesn’t install the program you expected, that’s a sign something is wrong. However, a lot of malware is sneakier and may be bundled with legitimate-looking software. In that case, you’re relying on Windows anti-malware scanners to catch it before you install the program on your real operating system.
Microsoft didn’t say exactly when the Windows Sandbox will roll out, but we expect the 18305 build to appear at some point in the first half of 2019. Remember, this won’t come to the base version of Windows 10, but maybe it’ll convince a few people to upgrade.