Windows Sandbox will let you test-drive untrusted software

Microsoft confirmed it's working on a Windows Sandbox feature. This will be a new, light-weight desktop environment that will let users open untrusted executable files in the safeness of a virtualized environment. This whole concept is not new but it's the first time Microsoft will offer it as a standard feature of Windows.

Windows Sandbox will not use VHDs but will run as clean as a brand-new installation of Windows. Once the Windows Sandbox is closed, everything is discarded permanently. The feature relies on the Microsoft hypervisor to run a separate kernel which isolates the virtualized environment from the host.

Windows Sandbox has the following properties:

Part of Windows – everything required for this feature ships with Windows 10 Pro and Enterprise. No need to download a VHD!

Pristine – every time Windows Sandbox runs, it’s as clean as a brand-new installation of Windows

Disposable – nothing persists on the device; everything is discarded after you close the application

Secure – uses hardware-based virtualization for kernel isolation, which relies on the Microsoft’s hypervisor to run a separate kernel which isolates Windows Sandbox from the host

Efficient – uses integrated kernel scheduler, smart memory management, and virtual GPU

The feature is available to Windows Insiders in Windows 10 build 18305, it's unknown when it will become part of the mainstream release of Windows 10 -- perhaps with the rollout of the 1H 2019 update. To use Windows Sandbox, users will need a Windows 10 Pro or Enterprise operating system with a 64-bit processor, at least 4GB RAM, at least 1GB free disk space, and at least two CPU cores.