In Windows, there is a virtualized environment where you can safely test (potentially) untrusted programs and websites. Using it is as easy as it can be – you start the environment like any other program and then close the window again and everything disappears. You don’t have to configure anything complicated, this is where Sandbox differs from classic virtual computers.
At its core, however, it is a virtual computer. You just don’t install the operating system into it and you don’t specify its other parameters. You don’t even need to purchase a special license for it, because it is not intended for persistent long-term operation – the Sandbox forgets everything after termination.
Therefore it is suitable for single use as I have outlined above. Let’s say you receive a suspicious email. It seems legit, but something doesn’t feel right about it, maybe it’s phishing. They might try to force malware on you. Maybe it’s a test from your company’s IT department that wants to test your reflexes and reasoning.
Have you received a message that looks like it might not be legitimate? Opening links without security measures might not pay off
Opening links in a suspicious e-mail is risky, and starting up a classic virtual computer is unnecessarily complicated. Sandbox will save you in such a situation, because in a few seconds you can start a virtualized environment that is shielded from the rest of your operating system.
You can therefore safely open a hyperlink from a suspicious e-mail in it, for example. Even if you were attacked by malware, for example, nothing would happen. Feel free to try opening the suspicious file in the attachment, nothing bad will happen.
Who can use Windows Sandbox?
Sandbox is one of the most useful enhancements in Windows in recent years. It was integrated into Windows 10 at the end of 2018 (then in test build 18305) and is also offered by Windows 11. As usual, the environment is not available to everyone. The basic filter is the edition because they provide the function Pro edition only, Enterprise a Education.
Therefore, Windows Sandbox is not officially available in the extended consumer edition of Home. There may be unofficial ways to get it working, but no one can guarantee functionality in that case.
It’s a virtual machine, but without the complicated setup. Just turn it on and it works
The computer must meet several additional requirements to be operational:
- 64-bit processor with two cores, four cores with hyperthreading are recommended,
- min. 4 GB of RAM, better 8 GB and more,
- min. 1 GB of disk space, SSD is recommended,
- enabled virtualization in BIOS/UEFI.
In general, it is nothing exotic, you can run a virtualized environment on almost any machine. Windows 11 was not even released in a 32-bit edition, and Sandbox largely copies their minimum requirements. Even older computers with Tens usually do not have less than four gigabytes of operating memory, and we have probably all switched to SSDs a long time ago. If you haven’t already, Sandbox will run for you, but lazily.
How to turn on Windows Sandbox
First of all, make sure you are in BIOS or UEFI virtualization support enabled. We cannot advise you with every specific model. If you are not sure how to do this, refer to your motherboard or computer manual.
Settings are also named differently. If you don’t see VT-X or AMD-V directly, you might notice Intel Virtualization Technology or maybe Hyper-V. If you see the Intel VT-d or AMD IOMMU preferences, enable them as well.
Head to the optional features management dialog. That is, to the old one
Next, search for the Start menu Turn Windows features on or off. In the optional functions window, find Sandbox ve Windows, mark it and confirm by clicking OK. The computer will restart and after that the environment should be available.
You can also turn it on with the following command in PowerShell with administrative privileges:
Enable-WindowsOptionalFeature -FeatureName "Containers-DisposableClientVM" -All -Online
How Windows Sandbox works
A sandbox is a disposable virtual machine that you don’t need to configure manually. It will offer you the same environment as your host operating system, i.e. if you use Windows 10, you will get virtualized Tens, in the case of Windows 11, Sandbox will offer you Elevens. The similarity is not only superficial.
By using hardware virtualization for the kernel, it decouples the two environments. Microsoft applied its and at the time new container technology in practice. However, it did not reserve its own copy of the operating system for the Sandbox, the virtualized environment relies on the system files that make up your host system. Therefore, Sandbox offers the same functionality and appearance as your host system.
Just turn on Windows Sandbox and restart your computer
It does not apply to all files, but only to those that cannot be changed. Sandbox copies those that they can change so that it can deal with them as needed. This approach saves space. It takes up about 30MB when not installed, around half a gigabyte when installed.
Compared to a traditional virtual computer, it is also more flexible in accessing operating memory, which containers will request from the system in the same way as normal processes. It can even share files belonging to the operating system in RAM with the Sandbox host system. According to Microsoft, the solution is safe, but the virtual environment does not consume as much memory as a regular virtual computer.
The approach to the processor is also different, where the Sandbox requests processor time like normal processes, so the priority depends on what is happening in both environments. The virtual environment receives information about the state of the battery, so it can optimize according to the state of charge.
In this case, we correctly guessed that the email was not legitimate and that it was a test from the IT department. Because we opened it in Sandbox, we couldn’t infect the computer with malware, for example
These are all advantages of Sandbox. At the same time, the elevens learned one important thing from version 22H2, namely that the virtual environment does not reset when a restart is triggered in it. By always forgetting everything, it excluded itself from the possibility of testing programs that require a system restart in order to function.
However, the Sandbox does not serve as a full-fledged replacement for virtual computers, and probably will not – after the end of the session, all changes and data are shredded, and next time you start again with a clean environment, where you can do all the things you always wanted, but were afraid to do. If you want more, set up a regular virtual machine.
