Windows Sandbox is Here: (and Pro users CAN access it)

Worried about what that “.exe.” file is going to do to your Windows-based system? Here’s some good news. Microsoft has now officially announced the arrival of Windows Sandbox: an isolated desktop testing environment for running untrusted software. Built into the Pro and Enterprise flavours of Windows 10, it’s available right now for Windows Insider users in the Fast ring, with a general rollout scheduled for April.

Here’s a closer look at what Windows Sandbox does – and at how to access it…

InPrivate Desktop: Renamed – and it’s not just for Enterprise users…

Back in August last year, a feature dubbed InPrivate Desktop was accidentally leaked as part of the Windows 10 Insider programme. (Basically, it looked as if Microsoft was toying with the idea of releasing it in beta at that stage – then decided against it – but “forgot” to take out references to it from the Insider release).

From the leaked user guide, you could see that InPrivate Desktop was essentially a virtual machine (VM): a handy throwaway Windows environment that would let you run and check the piece of software you wanted to test – but without accessing the files or features of the main system.

All of this sounded promising apart from one major limitation: it seemed that you needed Windows 10 Enterprise to run it.

The company didn’t comment on the leak at the time. But fast forward to December and it’s now official, courtesy of a community post from Microsoft’s Hari Pulapaka. It’s described as “an isolated, temporary desktop environment where you can run untrusted software without fear of lasting impact to your PC”.

The ‘InPrivate Desktop’ moniker has gone in favour of the much more say-what-you-see description, ‘Windows Sandbox’. Crucially, it’s available to both Enterprise and Pro users.

What’s good about Windows Sandbox?

There are some very good reasons to put it to work…

It’s part of Windows

You want to check out a piece of software before letting it loose on your system. So you go away and source some decent Virtual Machine software to test it. This means extra cost – and you also discover that this VM slows down performance, while eating up a fair chunk of storage space.

Windows Sandbox offers an alternative. Everything you need for a software quarantine & check is now accessible via the Windows 10 Pro or Enterprise dashboard – with no extra VM tools to juggle.

It’s a true sandbox

Windows Sandbox runs in a kernel created using virtualization at hardware level. This gives you the power to run a completely accurate snapshot OS environment – but one that’s entirely isolated from the rest of your system. All of this is done without the need to create or download a virtual hard disk (VHD).

It’s brand new every time

On closing the Windows Sandbox application after using it, everything on it is discarded. Each time you run it, you get pristine usage.

It’s efficient

Run requirements are actually refreshingly modest:

  • Windows 10 Pro or Enterprise build 18301 or later (see below)
  • X64 architecture
  • A processor that supports virtualization
  • 4GB of RAM (8GB is recommended)
  • 1 GB of available disk space (SSD is recommended)
  • 2 CPU cores (4 cores with hyperthreading are recommended)

Can I Run Windows Sandbox Right Now?

Yes – but only if you’re a Windows Insider enrolled in the Fast ring – and if you’re running build 18305…

  • First off, check your motherboard manufacturer instructions to ensure virtualization is enabled
  • Open Start.
  • Search for Turn Windows features on or off – and click the first result.
  • Check the Windows Sandbox box. Click OK and then Restart now.
  • You should now be able to start Windows Sandbox via the Start menu.

If you’re not signed up to the Windows Insider programme (Microsoft’s army of unpaid testers), you can expect to have access to Windows Sandbox once the next full update (19H1) is rolled out. This is scheduled for April 2019. (Note: this is for Pro and Enterprise users only. No announcement for Home and Education users unfortunately!).

Does Windows Sandbox solve my cybersecurity problems?

Windows Sandbox gives you a clean slate: a safe, fast and reliable means of putting software to the test – without having to purchase additional tools.

It’s a valuable thing to have – but just remember one thing: it counts for little if you or other system users routinely bypass it! Tempted to click on that ‘interesting’ looking link in an email? Tempted by that ‘too-good-to-be-true’ software download? It’s no good having sandboxing capabilities at your fingertips if you’re not going to remember to use them – every time.

  • Nathan House

    Nathan House is the founder and CEO of StationX. He has over 25 years of experience in cyber security, where he has advised some of the largest companies in the world. Nathan is the author of the popular "The Complete Cyber Security Course", which has been taken by over half a million students in 195 countries. He is the winner of the AI "Cyber Security Educator of the Year 2020" award and finalist for Influencer of the year 2022.

  • J.Martinez says:

    Thank you very much for the info, let’s hope it is as promising as it sounds.

  • Andrew says:

    So this is a Sandboxie killer. That explains why there hasn’t been any updates to the software except a beta that’s been around since October, and possibly why they changed their business model to get rid of the 3-pc lifetime option.

    • Nathan House Nathan House says:

      It depends how much functionality they put into it.

    • Martin says:

      I’ve used Sandboxie for nealy 20 years doing all my browsing and email opening in it, but recently, perhaps because of Chrome and Firefox having their own sandboxes, the browsers sometimes struggle to get going. I look forwards to the integrated Windows sandbox. And if Sandboxie is finally obsolete, I’ll remember it most fondly: it’s the only third-party piece of software that, for me, has stood the test of time.

  • Rajesh Kumar Gopal says:

    Will be of great help for normal as well as software tester users

  • Rajesh Kumar Gopal says:

    Good development

  • Sven says:

    Well-developed malware detects if it runs in a sandbox. I’m not so hopeful. Of course, it can protect against the general garbage

  • Krzysztof says:

    Verry interesting name of Microsoft’s employee: Hari Pulapaka. Pułapka in Polish means trap

  • Alishia says:

    This new feature, Windows Sandbox, certainly offers several advantages over virtualization solutions! at the same time, it is integrated within Windows 10; therefore users will be allowed to execute untrusted programs and other files along with making sure the main Windows 10 installation is unaffected.

  • >