Microsoft Enhances Windows Defender with Its Own Sandbox | Tips & Tricks

Windows hasn’t been one of the more popular antiviruses with users. What Microsoft does offer with , other free antiviruses can do better with their own suites. It’s a well-versed piece of advice from expert users to download a free antivirus and disable before you surf online.

Microsoft isn’t one to simply duck away from criticism, however. They’ve proven in the past that they’re willing to step up their game to convert users to their software. Last time they revamped Internet Explorer into which they hoped would go toe-to-toe with and Firefox. Now, Microsoft is aiming to add a new feature to Windows Defender: a sandbox.

Despite their heightened permissions and elevated priority, antiviruses are still software. This means that if a attacker can find a hole in the antivirus’ security, they can take it down and get their payload onto the victim’s computer without an issue. Microsoft had a nasty case earlier this year where a specially-designed file would manipulate the Microsoft Malware Protection Engine while it was being scanned, giving the malware control over the victim’s computer.

In order to raise Defender’s security against attacks like this, Microsoft has worked hard to put Defender into a sandbox. A sandbox is a computing term for a restricted, secure area away from the main workings of the main operating system. It’s typically used to test potentially malicious code so that it does no damage to the actual computer.

With Defender embedded in a sandbox, it’s separated away from the main workings of Windows. Should a malicious program find a hole within Defender’s security, it then has to escape the sandbox in order to infect the host computer. Fortunately, this is no small feat; any malware that appears within the sandbox is highly likely to be stuck there to await removal.

Microsoft is distributing the new sandbox feature to Insider users, and you can see it for yourself if you’re running Windows 10 version 1703. If you need a reminder on your version number, click the Start button, the settings cog on the left, System, then About.

Also Read:  Grab a new Microsoft Surface laptop or tablet and save up to $300 right now

When ready, click the Start button, then type “Command.” Right-click the Command Prompt option that appears, then click “Run as Administrator.”


In the box that pops up, type or paste:

and press Enter.


Restart your computer, and you should have Windows Defender running in a sandbox.


As mentioned above, Microsoft has always been keen to develop their Windows- software to go toe-to-toe with the big leagues. Unfortunately, like with Edge, it’s not always able to topple the kings. While this new sandbox feature is a great way to ensure Defender isn’t so easily exploited to take over the whole PC, Defender still needs to be an effective antivirus to be worth using in the first place.

We covered if Windows Defender is good enough before. As of this writing, Windows Defender has earned a ranking of “Advanced” with AV Comparatives, the second best ranking. While this is a huge step up from previous years, it’s still lagging behind services such as AVG and Bitdefender.

As we claimed in the above article, Windows Defender is a sturdy defense that can help protect your PC, and this new sandbox feature makes it harder to topple. However, if you’re after the bleeding edge in antivirus solutions, you might be better off with an alternative, such as the suites listed as “Advanced+” near the bottom of the AV Comparatives article.

With Windows gunning to get Defender up in the big leagues, their new sandbox feature makes it much harder for hackers to gain control of the system through the antivirus.

Does this make Windows Defender a more desirable antivirus in your eyes? Let us know below.

Is this article useful?

You might also like More from author

Comments are closed.