Microsoft Enhances Windows Defender with Its Own Sandbox

Windows Defender hasn’t been one of the more popular antiviruses with users. What Microsoft offers with Defender, other free antiviruses do better with their own suites. It’s a well-worn piece of advice from expert users to download a free antivirus and disable Defender before you surf online.

Microsoft isn’t one to simply duck away from criticism, however. They’ve proven in the past that they’re willing to step up their game to convert users to their software. Last time, they revamped Internet Explorer into Edge, which they hoped would go toe-to-toe with Chrome and Firefox. Now, Microsoft is aiming to add a new feature to Windows Defender: a sandbox.

What’s a Sandbox?

Despite their heightened permissions and elevated priority, antiviruses are still software. This means that if a malicious attacker can find a hole in the antivirus’ security, they can take it down and get their payload onto the victim’s computer without an issue. Microsoft had a nasty case earlier this year where a specially-designed file would manipulate the Microsoft Malware Protection Engine while it was being scanned, giving the malware control over the victim’s computer.

In order to raise Defender’s security against attacks like this, Microsoft has worked hard to put Defender into a sandbox. A sandbox is a computing term for a restricted, secure area kept away from the main workings of the operating system. It’s typically used to test potentially malicious code so that it does no damage to the actual computer.

With Defender embedded in a sandbox, it’s separated away from the main workings of Windows. Should a malicious program find a hole within Defender’s security, it then has to escape the sandbox in order to infect the host computer. Fortunately, this is no small feat; any malware that appears within the sandbox is highly likely to be stuck there to await removal.

How Can I Activate the Sandbox?

Microsoft is distributing the new sandbox feature to Insider users, and you can see it for yourself if you’re running Windows 10 version 1703. If you need a reminder on your version number, click the Start button, the settings cog on the left, System, then About.

When ready, click the Start button, then type “Command.” Right-click the Command Prompt option that appears, then click “Run as Administrator.”


In the box that pops up, type or paste:


and press Enter.


Restart your computer, and you should have Windows Defender running in a sandbox.

Does this Make Defender a Major Contender?


As mentioned above, Microsoft has always been keen to develop their Windows-based software to go toe-to-toe with the big leagues. Unfortunately, like with Edge, it’s not always able to topple the kings. While this new sandbox feature is a great way to ensure Defender isn’t so easily exploited to take over the whole PC, Defender still needs to be an effective antivirus to be worth using in the first place.

We covered whether Windows Defender is good enough before. As of this writing, Windows Defender has earned a ranking of “Advanced” with AV Comparatives, the second-best ranking. While this is a huge step up from previous years, it’s still lagging behind services such as AVG and Bitdefender.

As we claimed in the above article, Windows Defender is a sturdy defense that can help protect your PC, and this new sandbox feature makes it harder to topple. However, if you’re after the bleeding edge in antivirus solutions, you might be better off with an alternative, such as the suites listed as “Advanced+” near the bottom of the AV Comparatives article.

Understanding Sandboxes

With Windows gunning to get Defender up in the big leagues, their new sandbox feature makes it much harder for hackers to gain control of the system through the antivirus.

Does this make Windows Defender a more desirable antivirus in your eyes? Let us know below.

Simon Batt

Simon Batt is a Computer Science graduate with a passion for cybersecurity.
