In a major move for Windows security, Microsoft announced on 26th October that Windows Defender is the first antivirus to gain the ability to run within a sandbox environment. The idea is to stop bugs and exploit code from spreading from one process to another, or to the underlying OS.
“We designed and built Windows Defender Antivirus to be resistant to attacks. In order to inspect the whole system for malicious content and artifacts, it runs with high privileges. This makes it a candidate for attacks.” Microsoft said in a blog post.
Sandboxing is a software management strategy that isolates applications from critical system resources and other programs. It provides an additional layer of security that stops malware or harmful applications from negatively affecting your system.
The need to sandbox an antivirus tool arose after multiple critical vulnerabilities were discovered in such powerful applications, including Windows Defender, in past years that could have allowed attackers to gain full control of a targeted system.
“Security researchers both inside and outside of Microsoft have previously identified ways that an attacker can take advantage of vulnerabilities in Windows Defender Antivirus’s content parsers that could enable arbitrary code execution. While we haven’t seen attacks in-the-wild actively targeting Windows Defender Antivirus, we take these reports seriously. We immediately fixed potential problems and ramped up our own research and testing to uncover and resolve other possible issues.” Microsoft added.
How to enable Sandboxing for Windows Defender?
- Open the Start Menu and then type cmd.exe.
- Right-click cmd.exe and click the Run as Administrator option.
- Type setx /M MP_FORCE_USE_SANDBOX 1, press Enter and wait for the confirmation.
- Now restart the PC.
Sandboxing for Windows Defender is only available to users running Windows 10 Version 1703 and above.
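To confirm the setting took effect after the restart, the following PowerShell check can be used. It is an added example, not code from Microsoft or the original article. It assumes that build 15063 corresponds to Windows 10 Version 1703 and that the sandboxed content process is named MsMpEngCP; neither detail is stated in the article, and the function name is hypothetical.

```powershell
# Added example: verify the Windows Defender sandbox setting described above.
# Assumptions (not stated in the article): build 15063 = Windows 10 Version 1703,
# and the sandboxed content process appears as MsMpEngCP.exe next to MsMpEng.exe.

function Get-DefenderSandboxState {
    [CmdletBinding()]
    param()

    $minBuild = 15063
    $build    = [Environment]::OSVersion.Version.Build

    # setx /M writes the machine-scope environment, so read that scope directly.
    # $env:MP_FORCE_USE_SANDBOX in an already open session may predate the change.
    $flag = [Environment]::GetEnvironmentVariable('MP_FORCE_USE_SANDBOX', 'Machine')

    # The privileged engine process and, when sandboxing is active, its content process.
    $engine  = Get-Process -Name 'MsMpEng'   -ErrorAction SilentlyContinue
    $content = Get-Process -Name 'MsMpEngCP' -ErrorAction SilentlyContinue

    $state = if ($build -lt $minBuild) {
        'Unsupported OS build'
    } elseif ($flag -ne '1') {
        'Sandbox not enabled'
    } elseif (-not $engine) {
        'Defender engine not running'
    } elseif ($content) {
        'Sandbox enabled and active'
    } else {
        # Variable is set but no content process yet: the restart step is still outstanding.
        'Sandbox enabled, restart pending'
    }

    [pscustomobject]@{
        OSBuild              = $build
        MachineFlag          = $flag
        EngineRunning        = [bool]$engine
        ContentProcessActive = [bool]$content
        State                = $state
    }
}

Get-DefenderSandboxState | Format-List
```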
With this new development, Windows Defender Antivirus becomes the first complete antivirus solution to have this capability and continues to lead the industry in raising the bar for security.
Microsoft said it has not seen any such attacks against Windows Defender in the wild; however, the company opted to sandbox Windows Defender rather than take any risks with users' safety.