Microsoft has finally announced that its built-in antivirus for Windows, Windows Defender, can now run isolated in its own sandbox process.
This considerably improves the security of Windows, since the built-in antivirus and anti-malware can now run in its own isolated environment. Running in a sandbox means that an application uses a custom-made environment, exclusive to that application, instead of running directly on the Windows system. This means that attackers first need to penetrate the sandbox before they can compromise the application. Moreover, a compromised application cannot affect system entities outside the sandbox.
Since the antivirus is one of the primary protections of Windows, and it needs the highest level of privileges to function effectively, it should be protected the most. In the past, several vulnerabilities were reported in Windows Defender that could compromise the entire Windows system. Windows took up the challenge and announced earlier that they would make efforts to increase the security of their system through the antivirus.
Running Windows Defender in sandbox mode was not an easy task for Microsoft security researchers. Additionally, since it creates an exclusive environment for Windows Defender, it is also resource intensive.
The feature has been launched on Windows 10 version 1703 or later. However, since the functionality is still in testing mode, users have to enable it manually with the following steps:
- Open “Command Prompt”
- Run as administrator
- Type the following command and then press ENTER:
  setx /M MP_FORCE_USE_SANDBOX 1
- Restart your computer
After enabling the sandbox, users will have to check whether it takes a toll on the system.
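To confirm after the restart that the setting took effect, the following PowerShell check can be used. It is an added example, not part of the original article or Microsoft's code; the function name is hypothetical, and it assumes that build 15063 corresponds to Windows 10 version 1703 and that the sandboxed content process is named MsMpEngCP.

```powershell
# Added example: verify the Windows Defender sandbox opt-in after the restart.
# Assumptions (not stated in the article): build 15063 = Windows 10 version 1703,
# and the sandboxed content process is named MsMpEngCP.
function Test-DefenderSandbox {
    [CmdletBinding()]
    param(
        [int]$MinimumBuild = 15063,
        [string]$ContentProcessName = 'MsMpEngCP'
    )

    $build = [Environment]::OSVersion.Version.Build

    # setx /M writes the machine-wide variable, so read it at Machine scope
    # rather than from the current (possibly stale) process environment.
    $flag = [Environment]::GetEnvironmentVariable('MP_FORCE_USE_SANDBOX', 'Machine')

    $service = Get-Process -Name 'MsMpEng' -ErrorAction SilentlyContinue
    $content = Get-Process -Name $ContentProcessName -ErrorAction SilentlyContinue

    # Working set of the sandboxed process, to gauge the extra resource cost.
    $sandboxMB = 0
    if ($content) {
        $sum = ($content | Measure-Object -Property WorkingSet64 -Sum).Sum
        $sandboxMB = [math]::Round($sum / 1MB, 1)
    }

    [pscustomobject]@{
        OsBuild             = $build
        BuildSupported      = ($build -ge $MinimumBuild)
        MachineFlag         = $flag
        FlagSet             = ($flag -eq '1')
        DefenderServiceUp   = [bool]$service
        SandboxProcessUp    = [bool]$content
        SandboxWorkingSetMB = $sandboxMB
    }
}

$result = Test-DefenderSandbox
$result | Format-List

if (-not $result.BuildSupported) {
    Write-Warning 'This build is older than Windows 10 version 1703; the sandbox is not available.'
} elseif (-not $result.FlagSet) {
    Write-Warning 'MP_FORCE_USE_SANDBOX is not set to 1 at machine scope; re-run setx /M from an elevated prompt.'
} elseif (-not $result.SandboxProcessUp) {
    Write-Warning 'Flag is set but no sandboxed process was found; restart the computer and check again.'
}
```

Running the check again under normal workload shows how SandboxWorkingSetMB changes, which helps judge the resource cost mentioned above.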