Windows 10/11 Sandbox

Windows 10/11 Sandbox

Introduction

Considering the threats we are facing today, this feature can come in very handy when you need to test some attachments/files. It's basically a VM you can use on your laptop/desktop PC for all sorts of purposes.

Configuration

Windows Sandbox is the perfect environment to spin up in an instant and test something, or try something out.

Each time you access this service, a new VM (virtual machine) is created from scratch. Software installed on this VM does not remain on the VM, so you can try opening suspicious attachments there. The only time the VM persists is if you launch a Reboot from within the VM itself (or if one is triggered by an installation).

Prerequisites:

  • Supported on the following versions of Windows: Windows Pro; Windows Enterprise; Windows Pro Education/SE; Windows Education (not supported on Home edition)
  • Virtualization capabilities turned on from BIOS
  • 4GB RAM
  • 1 GB of free disk space
  • 2CPU cores

How to enable:

There are 2 methods:

1. GUI method:
You press the Start Menu and you search for "Windows Features". Inside it, you scroll down and you should see "Windows Sandbox"
Enable Windows Sandbox.png

2. PowerShell Method:
Enable Windows Sandbox via PowerShell.png
Open up Powershell (Run as Admin) & copy-paste & run the following cmdlet:
Enable-WindowsOptionalFeature -FeatureName "Containers-DisposableClientVM" -All -Online

Experience

After it configures, you will be asked to reboot. After the reboot, you will be able to search for "Windows Sandbox" in the start menu and be presented with this:
Windows Sandbox.png
When you click on it, in ~5 seconds you are inside the VM, where you can copy paste executables and "detonate" them, and check what happens.
Windows Sandbox exp.png
Can also be very useful in scenarios you want to test out different configurations or blocking settings, removing registry keys and you are afraid of damaging your own system. This is a very useful tool, use it wisely.

Windows Sandbox exp close.png

Conclusion

If you are not sure a certain app, attachment, or setting / registry is going to break your own PC, then you have this wonderful solution called Windows Sandbox built in your Windows OS by default which is very easy to enable and use. Can be very useful when dealing with suspicious attachments or dangerous settings.