Windows Sandbox: The new way to open malicious files on Windows 10

This new tool is expected to be available in the next Windows 10 big update

Microsoft recently confirmed that its operating system updates package Windows 10 October 2018 Update is now available to the general public. Still, cybersecurity experts from the International Institute of Cyber Security report that the company is already developing its next update, called Windows 10 19H1, which will include multiple improvements and a wide range of new functions, such as the expected Windows Sandbox.

According to cybersecurity specialists, a sandbox is a tool that allows system administrators to create an isolated space in the operating system memory to install and run any software safely, without affecting the rest of the operating system or the data stored in the memory. Thanks to this tool, if a potentially malicious application is installed, the system will not be affected; all the system administrator should do is empty the sandbox and it will be safe again.

Previously it was necessary to install some software developed by third parties to be able to work with a sandbox (like the well-known Sandboxie). This time, Microsoft has decided to implement this function as a native application on Windows 10.

What do I need to use Windows Sandbox?

The company has not revealed too many details so far, but experts in cybersecurity mention that this new feature is likely to be implemented in the first quarter of 2019 as part of the next major Windows 10 operating system update.

Preliminary, some system requirements are thought to be:

•        Installation of Windows 10 Pro or Enterprise

•        AMD64 processor

•        4GB of RAM, 1GB of free storage and at least two-core processor

•        BIOS virtualization

Windows Sandbox must be activated manually in the operating system, for this, the user must go to the section “Windows Features”, then activate “Windows Sandbox” and follow the instructions that the operating system will show in screen.

Windows Sandbox will use Windows containers, a function of the operating system to work in the cloud, which means that the company is trying to make this new function available to any user, as considered by experts in cybersecurity.

As for the tool operation, once Windows Sandbox is enabled the tool will be ready to use. After you open Windows Sandbox with administrator permissions, it will display an environment similar to a virtual computer or container, from which you can manipulate the operating system in isolation, without compromising the actual operating system.

Users can copy any executable in the sandbox and open it there in a completely secure way. In this tool, the system administrator will be able to corroborate whether an application is harmless or malicious, only affecting the sandbox environment.

Microsoft expects the introduction of Windows Sandbox to help build a safer environment for large-system administrators, as well as for users with enough knowledge to handle this kind of tools.