
Windows Defender Gets Put in the Sandbox

Windows Defender, the built-in antivirus protection for Windows 10, is receiving a significant update that will make the tool more robust at detecting threats and protecting your device. Microsoft is making this change to further harden the product against attacks and to improve its ability to handle increasingly complex malware.

Because antivirus software runs with elevated system permissions, it is a bigger target for attack. If a malicious piece of software is able to compromise the antivirus platform, it could, in theory, take over the affected system. For that reason, Microsoft is moving Defender into its own sandbox and is trialing the new feature today.

With Windows Defender running in a sandboxed environment, the impact is minimal if the application is compromised. Microsoft has a lengthy blog post that describes the update in detail.


While this feature may not be revolutionary, it will significantly help Defender remain a secure application in even the most hostile of environments; think of it as a security blanket for your security blanket.

Microsoft is currently enabling this functionality for Windows Insiders, but if you want to force your install into a sandbox, set the machine-wide environment variable (setx /M MP_FORCE_USE_SANDBOX 1) and restart your machine. This functionality is supported on Windows 10 version 1703 and later.
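A check an administrator might run before and after opting in, as an added example (not code from this article or from Microsoft). It assumes build 15063 corresponds to Windows 10 version 1703 and that a sandboxed Defender shows a content process named MsMpEngCP alongside MsMpEng, a detail taken from Microsoft's announcement rather than from this page.

```powershell
# Added example: audit (and optionally set) the Defender sandbox opt-in.
# Usage: .\Check-DefenderSandbox.ps1 [-Enable]   (script name is hypothetical)
param([switch]$Enable)

$VarName  = 'MP_FORCE_USE_SANDBOX'   # variable named in the article
$MinBuild = 15063                    # assumption: build number of version 1703

function Get-DefenderSandboxState {
    $build = [int](Get-CimInstance Win32_OperatingSystem).BuildNumber
    # Machine scope is the scope that `setx /M` writes to.
    $value = [Environment]::GetEnvironmentVariable($VarName, 'Machine')
    # Assumption: the sandboxed content process is MsMpEngCP.exe.
    $engine  = Get-Process -Name MsMpEng   -ErrorAction SilentlyContinue
    $content = Get-Process -Name MsMpEngCP -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Build                 = $build
        Supported             = ($build -ge $MinBuild)
        VariableValue         = $value
        OptedIn               = ($value -eq '1')
        EngineRunning         = [bool]$engine
        ContentProcessRunning = [bool]$content
    }
}

$state = Get-DefenderSandboxState

if ($Enable) {
    if (-not $state.Supported) {
        throw "Build $($state.Build) is older than version 1703 (build $MinBuild)."
    }
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]$identity
    $adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator
    if (-not $principal.IsInRole($adminRole)) {
        throw 'Setting a machine-level variable requires an elevated prompt.'
    }
    # Same effect as: setx /M MP_FORCE_USE_SANDBOX 1
    [Environment]::SetEnvironmentVariable($VarName, '1', 'Machine')
    Write-Warning 'Variable set. Restart the machine so Defender picks it up.'
    $state = Get-DefenderSandboxState
}

$state | Format-List

# Opted in but no content process: restart still pending, or sandbox not active.
if ($state.OptedIn -and -not $state.ContentProcessRunning) {
    Write-Warning 'Opt-in is set but no MsMpEngCP process was found.'
}
```

Running it without `-Enable` only reports state, which makes it usable as a fleet audit before changing anything.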


Brad Sams has more than a decade of writing and publishing experience under his belt, including helping to establish new and seasoned publications. From breaking news about upcoming Microsoft products to telling the story of how a billion-dollar brand was birthed in his book, Beneath a Surface, Brad is a well-rounded journalist who has established himself as a trusted name in the industry.