Skip to main content

The Windows Defender Antivirus Sandbox in Windows 10

Microsoft implemented new functionality in Windows Defender Antivirus for Windows 10 recently that makes the antivirus solution run in a sandbox on the system.


The feature, which is available in Windows 10 version 1703 and newer, needs to be enabled for the time being as it is not active by default currently.


Microsoft hopes that Windows Defender Antivirus' new restrictive process execution environment helps protect the application against attacks that are targeted directly at it. Antivirus solutions often need to run with high privileges to protect the entire system against malicious attacks; the need to run with high privileges make antivirus programs high profile targets, especially if they are used widely.


Microsoft stated that it is unaware of  targeted attacks "in-the-wild" against Windows Defender Antivirus but that security researchers identified ways to attack Windows Defender Antivirus successfully in the past.


A sandboxed environment adds another layer of protection to the antivirus solution. Malware that aims to exploit Windows Defender Antivirus successfully would have to exploit a vulnerability in the application itself and find a way to break out of the sandboxed environment that Microsoft created for the security software.


Running Windows Defender Antivirus in a sandbox ensures that in the unlikely event of a compromise, malicious actions are limited to the isolated environment, protecting the rest of the system from harm.


Enable Windows Defender Antivirus sandboxing


windows defender antivirus sandbox


Sandboxing is not enabled by default at the time of writing. It is available, however, on all devices running Windows 10 version 1703 or higher.


Tip: if you are unsure about the Windows version run winver.exe on Start to display it.


Here is what you need to do to enable Windows Defender Antivirus sandboxing right now:



  1. Open the Start menu.

  2. Type powershell.exe to display PowerShell as one of the results.

  3. Right-click on the result and select "run as administrator" or hold down the Shift-key and the Ctrl-key before you select the result. Both options execute PowerShell with elevated rights.

  4. Confirm the UAC prompt that may be displayed.

  5. Run setx /M MP_FORCE_USE_SANDBOX 1.

  6. Restart Windows.


The command sets a new system variable that tells Windows to run Windows Defender Antivirus with sandbox functionality.


Verifying that the sandbox is running is simple: open the Windows Task Manager with a tap on Ctrl-Shift-Esc and make sure you display all details (click on more details if not), and look on the Details tab of the program.


Locate MsMpEngCP.exe there. If you see it, the sandbox is up and running. The process runs with low privileges and uses "all available mitigation policies" according to Microsoft.


You can use third-party programs like Process Explorer as well if you prefer those to verify that the sandbox is enabled.


Check out Microsoft's blog post on the Microsoft Secure blog for implementation details and challenges that Microsoft faced during research and development.


Now You: Which antivirus solution do you run?


Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post The Windows Defender Antivirus Sandbox in Windows 10 appeared first on gHacks Technology News.

Comments

Post a Comment

Popular posts from this blog

Can you use the Tor Browser without Tor connection?

Tor Browser is a web browser specifically designed for privacy and anonymity. The web browser is a modified version of Firefox ESR that includes privacy tweaks and even some extensions to improve privacy and security on the Internet. What makes it special is that all connections go through several severs of the Tor network before they connect to the destination. Connections to Tor improve privacy when you are online but could you, in theory, run Tor Browser without Tor? Tor Browser without Tor would still provide better out-of-the-box privacy than Firefox ESR or Firefox Stable -- and other browsers. It is arguably the browser with the best default privacy configuration which might make it attractive to some users. Dropping Tor reduces privacy while online but that can be compensated, e.g. by connecting to a VPN or even chaining VPN services  and it would speed things up significantly. Tor is the better choice when it comes to critical tasks, e.g. leaking documents or communication...
Post a Comment
Read more

12 Striking Dark Wallpaper Sites That Are Perfect for Your Desktop

The computer desktop is a personal space, and so you get to do it up with your choice of wallpapers. Desktop wallpapers reveal something about our natures. The kind of mood you are in. Science says that the choice of colors affect how we think and feel. Maybe also light or the absence of it. So how do you feel about dark desktop wallpapers? The obvious benefit of using dark backgrounds on your desktop is that all your icons and folders stand out in contrast. They make text easier to read. For instance, a dark motivational wallpaper spotlights the inspiring message scribbled on it. So let’s look at a few high-quality free dark-themed wallpapers for your desktop. 1. Wallpapers Craft The better wallpaper sites allow you to choose a wallpaper according to your screen resolution. They also have multiple categories for you to choose from. Wallpapers Craft could be on the shortlist. The catalog of dark wallpapers gives you 1000+ wallpapers to choose from. Sort them by the number of downl...
Post a Comment
Read more

10 Essential Red Dead Redemption 2 Tips

Red Dead Redemption 2 is one of the most epic open world games ever made. There’s a lot to do in the game, from story missions to sidequests, from hunting animals to robbing banks. And that means Red Dead Redemption 2 can, at times, feel overwhelming. There are some fundamental things you need to learn in order to enjoy Red Dead Redemption 2. And they should help you succeed at playing the game without dying too often. So, here are some essential Red Dead Redemption 2 tips all players should know… 1. Take Note of Your Surroundings This may seem obvious to some, but it’s worth mentioning. Don’t just focus on your destination or waypoint. Instead, scan the horizon for places worth exploring and people worth meeting. Smoke rising into the air means someone has a campfire. A white circle denotes a stranger mission is close by. You’ll also see or hear animals close by that may be worth hunting. 2. Always Set Destinations on Your Map The map in Red Dead Redemption 2 is vast. So vast...
Post a Comment
Read more