Your IT Consultant

Windows Defender Can Now Run in a Sandbox

October 30, 2018

None of the paid antivirus products can make the claim that Microsoft’s Windows Defender can. Windows 10’s built-in antivirus can now run in a sandbox. That’s a major deal. As posted on Microsoft’s Secure blog:

“Security researchers both inside and outside of Microsoft have previously identified ways that an attacker can take advantage of vulnerabilities in Windows Defender Antivirus’s content parsers that could enable arbitrary code execution. While we haven’t seen attacks in-the-wild actively targeting Windows Defender Antivirus, we take these reports seriously…

Running Windows Defender Antivirus in a sandbox ensures that in the unlikely event of a compromise, malicious actions are limited to the isolated environment, protecting the rest of the system from harm.”

The amazing thing is that Microsoft implemented the feature without any noticeable performance issues. The gauntlet has now been dropped. Expect security vendors to jump on their horses so their products will run in a sandbox too.

E-mail:   Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://www.senseient.com