Earlier this year, we learned that Microsoft was working on an “InPrivate Desktop” feature for Windows. In the Windows 10 Feedback Hub, Microsoft described InPrivate Desktop as “a throaway sandbox for secure, one-time execution of untrusted software.
This handy VM solution has apparently been rechristened as “Windows Sandbox,” and Microsoft has provided more details about this feature on the Windows Kernel blog yesterday. Just like the previous “InPrivate Desktop” feature, Windows Sandbox will provide Windows admins a temporary desktop environment where they can safely test untrusted software. “Any software installed in Windows Sandbox stays only in the sandbox and cannot affect your host. Once Windows Sandbox is closed, all the software with all its files and state are permanently deleted,” Microsoft explained in the blog post.
Compared to traditional VM solutions, the company highlighted the following advantages for Windows Sandbox:
- Part of Windows – everything required for this feature ships with Windows 10 Pro and Enterprise. No need to download a VHD!
- Pristine – every time Windows Sandbox runs, it’s as clean as a brand-new installation of Windows
- Disposable – nothing persists on the device; everything is discarded after you close the application
- Secure – uses hardware-based virtualization for kernel isolation, which relies on the Microsoft’s hypervisor to run a separate kernel which isolates Windows Sandbox from the host
- Efficient – uses integrated kernel scheduler, smart memory management, and virtual GPU
The timing for the announcement is quite interesting as this same blog post mentions that Windows Sandbox requires Windows 10 Pro or Enterprise build 18305 or later. Microsoft released the 19H1 build 18298 last week for Fast Ring Insiders, and we hope the build 18305 will be released this week, right before the holidays. FYI, Microsoft mentioned that Windows Sandbox will require at least 4GB of RAM, 1 GB of free disk space and at least 2 CPU cores. We’re looking forward to test this new feature, sound off in the comments if you think this could become a new killer feature for Windows 10 Pro.
