What is Windows Sandbox? How to Activate?

windows sanbox.jpg

 In this article, you can find what you need to know about the Windows Sandbox feature, which helps run suspicious software while keeping your system safe.

You may have created a virtual machine using software such as VMware or VirtualBox to run software that you downloaded from the internet but do not know whether it is harmful or not. However, to use a virtual machine efficiently, you need a significant amount of system resources and storage space.

With software such as Sandboxie, it is possible to run software you do not trust without creating a virtual machine. However, Microsoft introduced the Windows Sandbox feature, which will eliminate the need for a third software in new Windows versions.

What is Windows Sandbox?
The Windows Sandbox feature creates a temporary desktop environment isolated from your system and allows you to try software you do not trust without affecting your computer. This feature, previously known as “InPrivate Desktop”, is now offered by default with the Windows 10 19H1 version.

This feature is available in both Windows 10 and Windows 11 and today, we will guide you on how to enable it in either of the operating systems. The installation method is the same on both operating systems, but for this guide we will use the Windows 11 version. All running software will remain only in this secure environment, and when the window is closed, all software and its files will be permanently deleted.

Is a Virtual Machine Needed?
There is no need to create a virtual machine for this feature. However, virtualization options must be enabled in BIOS settings. Additionally, users must have at least 1 GB of free storage space to run Sandbox.

Sandbox uses technologies called Windows Containers designed to run on cloud systems. Microsoft integrated this technology with Windows 10 and made this feature more suitable for use on devices.

The Windows Sandbox feature uses hardware-based virtualization for kernel isolation. Thus, the core of the main system and the core of the Sandbox are separate. The feature also uses a new technology called onboard scheduler, where the host system decides when the sandbox will run. Thus, an environment that has the security features of a virtual system but works like an application is prepared.

Sandbox also uses a new graphics virtualization technology. Microsoft has worked with many manufacturers to bring modern graphics virtualization capabilities to Windows. The result of all this is improved performance and responsiveness for applications running in Windows Sandbox. However, to benefit from these graphics virtualization features, it is necessary to have a compatible GPU and graphics driver (WDDM 2.5 or newer). On incompatible systems, Microsoft's CPU-based rendering technology will be used.

Windows Sandbox Requirements
To use the Windows Sandbox feature, you need to have a system with the following features:

Windows 10 Pro, Enterprise or Education build 18305 or Windows 11 (Windows Sandbox is not currently supported on Windows Home edition)
AMD64 architecture
Virtualization capabilities enabled in BIOS
At least 4 GB RAM (8 GB recommended)
At least 1 GB free disk space (SSD recommended)
At least two CPU cores (four cores with Hyper Threading support recommended)

How to Enable Windows Sandbox?
Make sure virtualization is enabled on your machine. If not, you can refer to Microsoft's guide here, but it may also require you to get into your computer's BIOS.
Since the process for entering the machine's BIOS is different for each hardware vendor, you'll probably need to find guidance specific to your machine. To get help on this issue, you can open a topic on Technopat Social.
After enabling virtualization, run the systeminfo.exe command in the Command Prompt to check whether Hyper-V is enabled or not, as seen in the screenshot below: Windows Sandbox RequirementsAs can be seen from the result, our system meets all the requirements for virtualization.
Now use Windows Search to open Turn Windows Features on or off and there, navigate to Windows Sandbox and enable it. We've added a screenshot below for your reference. Windows will automatically search for some files and then install them through the normal update method, which includes restarting your computer. Opening the Windows Sandbox
Open Windows Sandbox via Windows Search and it will appear as a dedicated application. This process will launch a new Windows inside your existing machine.
That's it. You can now copy and paste suspicious files from your main installation into Windows Sandbox and test them safely. Naturally, Windows Sandbox is isolated from your system, so you can't directly access your files unless you copy-paste or manually re-download them. Windows Sandbox does not support dragging and dropping files.

The best use case for this application would be to download an .exe file from a dubious source and then run it in Windows Sandbox first to see if it works as intended. Of course, this is just one way to check the validity of a file, and if you're cybersecurity savvy, you'll probably want to complete this process with other tools as well.

Popular Search Terms