App isolation in Windows 10

July 31, 2020 by

Nitesh Malviya

What is app isolation in Windows 10?

Suppose you want to install and run a new program on Windows but you think it may be risky and may harm your system. You want a safe way to isolate and run this program without affecting any other file or program already installed on the Windows OS. This is where the app isolation feature comes into picture.

This feature is also known as “Windows sandboxing”. Using Windows sandboxing, one can run untrusted apps onto Windows OS without affecting other programs and files.

Learn Windows 10 Host Security

Build your Windows skills with 13 courses covering Windows registry, services, processes, toolset and more.

Start Learning

Windows sandboxing is a kind of virtual machine which is created on demand using Microsoft Hypervisor. It uses the same Windows OS image.

Prerequisites

The following are the prerequisites to use the Windows sandboxing feature.

1. Windows 10 May 2019 update version 1903 installed
2. Hardware virtualization enabled
3. Windows 10 Pro or Enterprise

A few benefits of app isolation

1. The isolation process is a very lightweight environment of around 100MB optimized to boot and run faster
2. No need to set up or create virtual machines
3. After the application closes, everything gets deleted automatically
4. Security is automatically taken care of

Enable Windows Sandbox on Windows 10

1.  Hardware virtualization should be enabled. Run systeminfo in the command prompt and check for virtualization enabled, as shown. If virtualization is not enabled, you will need to restart your device and enable the feature in firmware settings.
2. Search for “Turn Windows features on or off."

3. Select Windows Sandbox.

4. Click the “OK” and “restart now” buttons.

We have enabled the Windows Sandbox feature for our use.

How to use Windows Sandbox in Windows 10

1. Open start and search for Windows Sandbox.

2. Right-click and select the “Run as administrator” option. Windows Sandbox will open.

3. Copy the app installer to be tested and paste it into Windows Sandbox. We are copying Malwarebytes setup named malware.exe, as shown: 

4. Double-click the installer file and install it into the system.

5. This app can now be run like other apps and will be run in a sandbox environment.

6. Once the app has been executed, close the Sandbox window.

7. As you terminate the window, Windows automatically erases virtual machines and its content without affecting other apps installed on the system.

Conclusion

Windows sandboxing is a great feature to test and run unsafe apps in the Windows environment. Also, it saves users from other hassles like downloading and setting virtual machines and does not consume much resources from the Windows system.

Sources

1. Windows Sandbox, Microsoft
2. How to enable ‘Windows Sandbox’ on Windows 10, Pureinfotech
3. How to Safely Run Software With Windows 10 Sandbox, PC News
4. Windows Sandbox is a safe new way to run untrusted .exe files, The Verge