Secure CyberCity against a rising tide of cyberattacks
3 Ways of Installing Windows Sandbox in Windows and How to Use it
Installing Windows Sandbox offers a lightweight desktop environment designed for secure and isolated application execution.
Applications installed within the Sandbox environment are contained and operate independently of the host machine.
The Sandbox is inherently temporary, ensuring that all software, files, and state are deleted upon closure.
Upon reopening the application, users are provided with a pristine instance of the sandbox, akin to a fresh installation of Windows.
Distinct from the host system, the Sandbox does not directly access software or applications installed on the host.
To make specific applications available within the Windows Sandbox environment, they must be explicitly installed within that isolated space.
Key properties of Windows Sandbox
- Part of Windows: Windows 10 Pro and Enterprise include all necessary components for Windows Sandbox, eliminating the need for separate downloads or VHDs (Virtual Hard Disks).
- Pristine: Each instance of Windows Sandbox is as clean as a freshly installed Windows, ensuring a pristine environment every time it runs.
- Disposable: Nothing persists on the device, with all data discarded upon closing the application, contributing to a disposable and secure usage model.
- Secure: Windows Sandbox employs hardware-based virtualization for kernel isolation, relying on the Microsoft hypervisor to execute a separate kernel that isolates the sandbox from the host. This approach enhances security.
- Efficient: Leveraging integrated kernel scheduling, intelligent memory management, and virtual GPU, Windows Sandbox optimizes resource utilization for an efficient and seamless user experience.
System Requirements
- Windows edition: Windows Pro, Windows Enterprise, Windows Pro Education/SE, Windows Education. Not supported on Windows Home Edition
- ARM64 (for Windows 11, version 22H2 and later) or AMD64 architecture
- Virtualization capabilities enabled in BIOS
- At least 4 GB of RAM (8 GB recommended)
- At least 1 GB of free disk space (SSD recommended)
- At least two CPU cores (four cores with hyper-threading recommended)
Important!
Before Installing Windows Sandbox:
Verify that virtualization is enabled (in your system’s BIOS). Although it is typically enabled by default, a quick check can be performed.
Here is how to perform a quick check:
Launch Task Manager by pressing Ctrl+Shift+Esc, then navigate to the “Performance” tab.
Select the “CPU” category on the left, and on the right, ensure that it indicates “Virtualization: Enabled.”
Read HERE how to enable virtualization.
Installing Windows Sandbox: Using Windows Features Dialog
1. Right-click Start, and click Run.
2. Type OptionalFeatures.exe and click OK.
3. Scroll down to find the Windows Sandbox option and check the box next to it.
4. Click OK and restart your computer if prompted.
5. Locate and select Windows Sandbox on the Start menu to run it for the first time.
If the Windows Sandbox option is not accessible, it indicates that your computer does not meet the necessary requirements for running Windows Sandbox.
Using DISM to Install Windows Sandbox
1. Open the Command Prompt as an administrator.
2. Copy and paste the following command and press Enter:
dism /online /Enable-Feature /FeatureName:"Containers-DisposableClientVM" -All3. If prompted, restart your computer to apply the changes.
4. Locate and select Windows Sandbox on the Start menu to run it for the first time.
Installing Windows Sandbox Using PowerShell
1. Open PowerShell as an administrator.
2. Copy and paste the following command and press Enter:
Enable-WindowsOptionalFeature -FeatureName "Containers-DisposableClientVM" -All -Online3. If prompted, restart your computer to apply the changes.
4. Locate and select Windows Sandbox on the Start menu to run it for the first time.
How to Use Windows Sandbox
1. Browser Check:
Verify the presence of a browser within the Windows Sandbox.
2. Download and Install:
Download an executable file from within the Sandbox and proceed to install it. In my case, I downloaded Notepad+++.
3. Run Application:
Execute the downloaded executable file or installer within the sandbox environment.
4. Closing the Sandbox:
Upon completing your experimentation, close the sandbox. A dialog box will prompt—stating that all sandbox content will be discarded and permanently deleted. Select “Ok.”
5. Verify Host Machine:
Confirm that your host machine does not reflect any of the modifications made within the Windows Sandbox.
Note:
It is safe to utilize Windows Sandbox for running suspicious URLs and links.
Wrap Up
Please note that Windows Sandbox is only available on Windows 10 Pro and Enterprise editions.
You can use Windows Sandbox to run applications in a safe and isolated environment.
The software installed inside the Windows Sandbox environment remains “sandboxed” and runs separately from the host machine.
When the sandbox is closed—all the software, files, and state are deleted. And you get a brand-new instance of the sandbox every time you open the application.
You must be logged in to post a comment.