Windows Sandbox is based on Hyper-V technology (Microsft’s Hypervisor), which allows you to run untrusted software safely and test potentially malicious files. This article will show you how to activate and use the Windows Sandbox in Windows 10.
- Part 1: Enable Windows Sandbox
- Part 2: Create a shared folder between host and a Windows Sandbox
- Part 3: Situations to use Windows Sandbox
The sandbox is great for presentations, troubleshooting or handling malware.
How to activate Windows Sandbox in Windows 10
1. Make sure virtualization is enabled
To enable Windows Sandbox on Windows 10 (1903) or higher, you need to make sure that virtualization is enabled in BIOS / UEFI. Most desktop and notebook CPUs today support this. You can check from the task manager.
If virtualization is disabled, go to enable it. See more information to enable virtualization in BIOS / UEFI.
2. Open the Windows feature.
3. Enable Windows Sandbox.
Select Windows Sandbox. Click OK and restart your computer.
After restarting, you can launch the Windows Sandbox from the Windows 10 Start menu.
Now you can copy and paste files from the host to the sandbox and run them in a secure environment. Drag and drop do not work, but you can create a shared folder from a host with reading/write permissions.
How to create and configure a shared folder between a Windows 10 host and a Windows Sandbox
Step 1: Open Notepad.
Type the following to create a profile for the Windows Sandbox.
You can specify the path to the host folder to be displayed in the Windows sandbox in the HostFolder block. Also, use the value “true” (recommended) in the ReadOnly block to force access to the folder in read-only mode, or use the “false” value to allow read/write access to the folder.
Step 2: Click File > Save As.
Enter a descriptive name and use the extension “.WSB“. For example, Mysharedfolder.WSB
Step 3: Run the “.WSB” file.
When you run the .wsd file, the Windows Sandbox will launch and display the shared folder on your desktop, which you can easily access from your desktop.
What can you do with the Windows Sandbox?
Securely access dangerous websites using any web browser
If you want to visit a website that you suspect is dangerous but you don’t want Windows 10 PC to be at risk, use the Windows Sandbox to perform this task.
Test potentially dangerous applications and check files for malware
You may stumble upon apps that you can’t trust. They can be useful, but they can be dangerous and may even have malware. If you want to install and run such an application, but want to do this in a secure and isolated environment that does not affect your Windows 10 PC, use the Windows Sandbox to download and run an antivirus check.
If the applications and files you are testing prove that there are no problems and are not dangerous, you can use them in Host Windows 10.
Check for suspicious attachments in emails
If you have just received an email with a suspicious attachment, it is most likely sent by a cybercriminal. If you don’t want to put your PC at risk, open the Windows Sandbox and use the Microsoft Edge web browser to access your email account. Then, download the attachment from the suspicious email and run it. For security reasons, please log out of your email account to see its features before opening the attachment.
Errors to avoid when using Windows Sandbox
Do not use Windows Sandbox to test fake or phishing sites. In this case, the sandbox is invalid because you did not download the file. If you enter your username and password, your account will be in serious danger.
Don’t confuse the Windows Sandbox with a real Windows 10 PC. You can watch the following video tutorial.
