For most people who regularly download stuff off the internet, opening the files is something that should be approached with great caution.
Viruses can seep into all kinds of packages, and if the user isn't careful, they can get infected without even knowing it. Running unknown .exe files, in particular, is one of the riskiest things one can do on a PC — so risky that some users clever enough to put on extra safeguards go as far as using virtual machines to check unknown apps.
Microsoft thinks that the process should be a lot simpler so as to be understood even by less tech-savvy users. As such, the company has developed a more streamlined method of checking unknown programs, and it's called Windows Sandbox.
Sandbox is an isolated desktop environment on Windows 10. It's a new feature that might be coming next year as part of Microsoft's Windows 10 19H1 update.
Simply put, it creates a "fake" and temporary desktop to isolate an app on that sandbox. When the user chooses to run an app inside Sandbox, it's merely running inside that environment, not on Windows 10 itself.
How Windows Sandbox Works
Sandbox aims to make things more secure and disposable, and once the user is finishing the suspicious program, everything gets deleted, including the sandbox itself. Every time Windows Sandbox is enabled, a lightweight version of Windows is created to run an app. To do this, Microsoft uses its own hypervisor to create a separate kernel that's isolated from the host PC.
While setting up virtual machines aren't too difficult, the process still requires a moderate amount of knowledge when it comes to how PCs work, and not everyone falls into that category. With this feature, however, users don't even have to set up a virtual machine, although they will have to enable virtualization capabilities in the BIOS.
Other requirements include:
• Windows 10 Pro or Enterprise build 18305 or later
• AMD64 architecture
• Virtualization capabilities enabled in BIOS
• At least 4 GB of RAM (8 GB recommended)
• At least 1 GB of free disk space (SSD recommended)
• At least 2 CPU cores (4 cores with hyperthreading recommended)
Microsoft plans to make Sandbox a part of Windows 10 Pro and Windows 10 Enterprise, which implies it'll be primarily for pro and business users. Insiders will be able to get a hold of the new feature early, perhaps once Microsoft ships Windows 10 build 18305 or later versions. Read the official blog post to learn more.