Microsoft reveals Windows Sandbox for Windows 10 to run malware without impacting the PC

Microsoft today revealed a sandboxed desktop environment for Windows 10 that allows users to test untrusted or malicious software without any impact on their PC. The new Windows 10 feature is called Windows Sandbox and will be available for Windows 10 Pro and Windows 10 Enterprise users.

Microsoft reveals Windows Sandbox for Windows 10 to run malware without impacting the PC

On its website, Microsoft explains that to use Windows Sandbox, users don’t have to download Virtual Hard Drive (VHD) images. Instead, the feature uses a clean copy of the Windows 10 version installed on the computer. Every time the Windows Sandbox starts, it makes a new clean copy of the OS. When Windows Sandbox is closed, all files are removed.

Windows Sandbox is built on the foundation of Windows Containers, a technology that Microsoft initially designed for cloud usage and which is part of Windows Server. With Windows Sandbox, Microsoft added integration with Windows 10, and built features that make it more suitable to run on devices and laptops. The image of the sandbox is a so-called “dynamic base image”, which is only 25 MB when compressed and which contains clean copies of files that can be changed during run time.

When the sandbox is running and the files are no longer compressed, the size increases to 100 MB. The relative small size is possible because the files in the “dynamic base image”  link to files of the host Windows 10 installation

The temporarily desktop environment uses hardware-based virtualization for kernel isolation, which relies on the Microsoft’s hypervisor to run a separate kernel which isolates Windows Sandbox from the host. The hypervisor makes sure that the physical machine can be divided into several virtual machines that share the same hardware. This results in a virtual desktop environment that runs separately from the host and therefore can’t do any damage to it.

Requirements to run Windows Sandbox are Windows 10 Pro or Windows 10 Enterprise,  4GB of RAM, 1GB disk space and at least two CPU cores.