在设备上运行一些可疑代码的最流行方法是诱使用户在目标设备上安装可疑程序。用户群对这些类型的威胁缺乏(Lack)认识使设备总是容易受到某种威胁。但看起来微软(Microsoft)一直在后台努力解决这个问题。他们刚刚宣布在Windows 11/10 中运行sandboxed version of Windows 11/10Windows 11/10只是为了隔离可疑软件在其中运行,从而使主系统免受潜在威胁。
Windows沙盒(Sandbox)使您的计算机安全
Windows Sandbox是一个可以启用的虚拟一次性环境。这意味着,如果您怀疑任何可疑软件,您可以在隔离环境中混合运行它,并确保它不会干扰任何正常进程并且不会损害任何有用的文件。
如前所述,
“Windows Sandbox is a new lightweight desktop environment tailored for safely running applications in isolation.”
一旦此沙盒(Sandbox)关闭,所有软件、残留文件和其他数据将被永久删除。
Windows 沙盒(Windows Sandbox)具有以下属性:
- Windows 的一部分(Part of Windows) – 此功能所需的一切都随Windows 10 专业版(Pro)和企业版(Enterprise)一起提供。无需下载 VHD!
- Pristine – 每次运行Windows Sandbox时,它都像全新安装的Windows一样干净(Windows)
- 一次性(Disposable) 的——设备上没有任何东西;关闭应用程序后,所有内容都将被丢弃
- 安全(Secure) ——使用基于硬件的虚拟化进行内核隔离,它依赖于微软的管理程序来运行一个单独的内核,将Windows 沙盒(Windows Sandbox)与主机隔离开来
- 高效(Efficient) ——使用集成内核调度程序、智能内存管理和虚拟GPU
需要满足以下最低要求才能运行Windows Sandbox:
- Windows 11/10 Pro或Enterprise build 18305 或更高版本
- AMD64架构
- (Virtualization)BIOS中启用的(BIOS)虚拟化功能
- 至少 4GB内存(RAM)(推荐 8GB)
- 至少 1 GB 可用磁盘空间(推荐SSD)
- 至少 2 个CPU内核(推荐 4 个超线程内核)。
阅读(Read):Windows 沙盒无法启动。
如何在Windows 11/10Windows 沙盒(Windows Sandbox)
要在Windows 11/10上启用和运行Windows Sandbox,需要执行以下操作:
- 在任务栏搜索框中搜索 Windows 功能 (windows features )。
- 单击(Click)单个搜索结果。
- 勾选 Windows 沙盒(Windows Sandbox)复选框。
- 单击 确定 (OK )按钮。
- 让它自动安装。
- 重启你的电脑。
让我们更详细地看一下。
首先,您需要确保您运行的是Windows 11/10 Pro或Windows 11/10 Enterprise Edition。
然后您需要启用虚拟化以让另一个Windows 11/10实例在沙盒(Sandbox)模式下运行。
之后, 在搜索框中搜索(Search Box)Windows 功能 (windows features )或Windows 功能打开和关闭(Windows Features on and off )并选择相应的条目,然后单击单个搜索结果。
从列表中,您进入迷你窗口,勾选Windows Sandbox复选框,最后单击 OK 按钮。
Windows 11/10 可能需要一些时间来安装新功能。完成后,您需要重新启动计算机。现在, 在任务栏搜索框中搜索(Taskbar Search)Windows Sandbox 并选择适当的条目以在高程中运行它。
从您的主计算机(主机)复制可执行文件并将其粘贴到Windows 沙盒(Windows Sandbox)环境中。
最后,在沙盒(Sandbox)环境中运行可执行文件并像往常一样使用它。
完成后,只需关闭Windows Sandbox应用程序,所有与该应用程序和临时环境相关的数据都将被删除。
只是为了安全起见,请确保没有因为沙盒(Sandboxed)环境中的执行而对主机进行任何修改。
如何在Windows 11/10 Home中启用沙盒?
截至目前, Sandbox(Sandbox) for Windows 11/10 Home版没有官方支持。但是,您可以按照一些方法在 Windows Home 中启用或打开 Sandbox。
相关(Related):Windows Sandbox 没有 Internet 连接
如何在Windows 10上访问(Windows 10)沙盒(Sandbox)?
要在Windows 11/10上启用沙盒(Sandbox),您需要在计算机上打开Windows 功能(Windows Features)面板并勾选Windows 沙盒(Windows Sandbox )复选框。之后,它将自动安装在您的计算机上。最后,您可以通过在任务栏(Taskbar)搜索框中搜索来重新启动计算机并打开Windows 沙盒应用程序。(Windows Sandbox)
读:(Read:)
- 如何在 VirtualBox 来宾操作系统中启用 Windows 沙盒(enable Windows Sandbox in VirtualBox guest OS)
- 如何在 VMware Workstation 中启用 Windows 沙盒
- 如何在 Edge 浏览器中启用音频沙盒。(enable Audio Sandbox in Edge browser.)
联系 Microsoft以获取与(Contact Microsoft)Windows Sandbox相关的反馈
如果您有任何问题或建议,您可以使用传统的反馈中心。
填写(Fill)适当的详细信息,并为功能类别选择 安全和隐私(Security and Privacy.)下 的Windows 沙盒 。(Windows Sandbox )
如果您有任何与Windows Sandbox的执行相关的问题,请选择 重新创建我的问题。(Recreate my problem.)
选择 开始捕获 (Start capture )重现问题,完成后选择 停止捕获,(Stop capture,)
这是您可以向相应团队发送反馈的方式。
阅读下一篇(Read next):如何配置和使用 Windows 沙盒。您还可以使用沙盒配置管理器。
How to enable Windows Sandbox on Windows 11/10
The most popular way to put up some suspicious code running on a device is by tricking in the user to install a suspicious program on the targeted device. Lack of awareness among the user base regarding these kinds оf threats leaves a device vulnerable to a certain kind of threat always. But it looks likе Microsoft has been working hard in the background in order to аddress this іsѕue. Thеy have just announced the availability of a sandboxed version of Windows 11/10 running inside Windows 11/10 just to isolate the suspected software to run inside it saving the main system from the potential threats.
Windows Sandbox makes your computer secure
Windows Sandbox is a virtual, disposable environment that can be enabled. This means that, if you suspect any software that is suspicious, you can run it compounded in an isolated environment and make sure that it would not interfere with any normal processes and would not compromise any useful files.
As mentioned,
“Windows Sandbox is a new lightweight desktop environment tailored for safely running applications in isolation.”
Once this Sandbox is closed, all the software, residual files, and other data are permanently deleted.
Windows Sandbox has the following properties:
- Part of Windows – everything required for this feature ships with Windows 10 Pro and Enterprise. No need to download a VHD!
- Pristine – every time Windows Sandbox runs, it’s as clean as a brand-new installation of Windows
- Disposable – nothing persists on the device; everything is discarded after you close the application
- Secure – uses hardware-based virtualization for kernel isolation, which relies on Microsoft’s hypervisor to run a separate kernel which isolates Windows Sandbox from the host
- Efficient – uses integrated kernel scheduler, smart memory management, and virtual GPU
One would need to meet the following minimum requirements in order to run Windows Sandbox:
- Windows 11/10 Pro or Enterprise build 18305 or later
- AMD64 architecture
- Virtualization capabilities enabled in BIOS
- At least 4GB of RAM (8GB recommended)
- At least 1 GB of free disk space (SSD recommended)
- At least 2 CPU cores (4 cores with hyperthreading recommended).
Read: Windows Sandbox failed to start.
How to enable Windows Sandbox on Windows 11/10
To enable and run Windows Sandbox on Windows 11/10, the following need to be done:
- Search for windows features in the Taskbar search box.
- Click on the individual search result.
- Tick the Windows Sandbox checkbox.
- Click the OK button.
- Let it install automatically.
- Restart your computer.
Let us look at this in more detail.
First, you need to make sure that you are running either of Windows 11/10 Pro or Windows 11/10 Enterprise Editions.
Then you need to enable Virtualization to let another instance of Windows 11/10 running in Sandbox mode.
After that, search for windows features or Windows Features on and off on the Search Box and select the appropriate entry, and click on the individual search result.
From the list, you get in the mini window, tick the Windows Sandbox checkbox and finally click on OK button.
Windows 11/10 might take a few moments to install the new feature. Once done, you need to restart your computer. Now, search for Windows Sandbox in the Taskbar Search box and select the appropriate entry to run it in an elevation.
From your main computer (host) copy the executable file and paste it inside the Windows Sandbox environment.
Finally, run the executable file in the Sandbox environment and use it as you would normally.
When you are done, just close the Windows Sandbox application and every data regarding that and the temporary environment will be deleted.
Just for the sake of safety, make sure that no modifications were made to the host because of the executions in the Sandboxed environment.
How do I enable sandbox in Windows 11/10 Home?
As of now, there is no official support for Sandbox for Windows 11/10 Home edition. However, there are some methods that you can follow to enable or turn on Sandbox in Windows Home.
Related: Windows Sandbox has no Internet connection
How do I get to Sandbox on Windows 10?
To enable Sandbox on Windows 11/10, you need to open the Windows Features panel on your computer and tick the Windows Sandbox checkbox. After that, it will be installed on your computer automatically. At last, you can restart your computer and open the Windows Sandbox app by searching in it in the Taskbar search box.
Read:
- How to enable Windows Sandbox in VirtualBox guest OS
- How to enable Windows Sandbox in VMware Workstation
- How to enable Audio Sandbox in Edge browser.
Contact Microsoft for feedback related to Windows Sandbox
You can use the traditional Feedback Hub if you have any issues or suggestions.
Fill in the appropriate details and for the feature category, select Windows Sandbox under Security and Privacy.
If you have any issues related to the execution of and within Windows Sandbox, select Recreate my problem.
Select Start capture to reproduce the issue and when done, select Stop capture,
This is how you can send feedback to the appropriate team.
Read next: How to configure and use Windows Sandbox. You can also use Sandbox Configuration Manager.