Windows 10’s built-in antivirus can now run in a sandbox. Even if an attacker compromises the antivirus engine, they wouldn’t have access to the rest of the system. As Google’s Tavis Ormandy puts it, “this is game changing.”
In fact, Windows Defender is the first complete antivirus product that can run in a sandbox. None of the paid (or free) antivirus products you can download boast this feature.
This news comes from the official Microsoft Secure blog. As Microsoft puts it:
Security researchers both inside and outside of Microsoft have previously identified ways that an attacker can take advantage of vulnerabilities in Windows Defender Antivirus’s content parsers that could enable arbitrary code execution. While we haven’t seen attacks in-the-wild actively targeting Windows Defender Antivirus, we take these reports seriously…
Running Windows Defender Antivirus in a sandbox ensures that in the unlikely event of a compromise, malicious actions are limited to the isolated environment, protecting the rest of the system from harm.
In other words, the Windows Defender antivirus process that analyzes downloaded files and other content will run with very few permissions. Even if there was a bug in the antivirus process and a maliciously crafted file managed to compromise the antivirus itself, that now-dangerous antivirus process wouldn’t provide any access to the rest of your system. The attack would have failed.
Sure, an antivirus still needs a lot of access to your system. But the main antivirus process that runs with a lot of permissions won’t analyze files. It hands content off to a low-privilege sandboxed process, which does the dirty and dangerous work in a secure area.
Microsoft’s blog post goes on to describe how this feature was implemented without any noticeable performance drops:
Performance is often the main concern raised around sandboxing, especially given that antimalware products are in many critical paths like synchronously inspecting file operations and processing and aggregating or matching large numbers of runtime events. To ensure that performance doesn’t degrade, we had to minimize the number of interactions between the sandbox and the privileged process, and at the same time, only perform these interactions in key moments where their cost would not be significant, for example, when IO is being performed.
There’s much more detail than that in Microsoft’s blog post, so check it out if you’re interested.
While this feature is exciting, it isn’t enabled by default on Windows 10 systems—yet. Microsoft says it will “gradually enable” this feature for Windows Insiders and analyze how it works in the real world.
Warning: Microsoft isn’t confident enough in this feature to enable it by default for everyone yet, so you may experience bugs after enabling this. We enabled it on our system and everything seemed to work fine, though.
To enable this feature today, launch a Command Prompt or PowerShell window as Administrator, run the following command, and then restart your PC:
setx /M MP_FORCE_USE_SANDBOX 1
This command works on Windows 10 version 1703, also known as the Creators Update, and newer versions of Windows 10. That version of Windows 10 was released in April 2017, so your PC almost certainly has that version or newer by now.
If you want to undo this change, run the same command, replacing the “1” with a “0,” and reboot your PC once again. If you have problems booting your PC for some reason, try booting into Safe Mode and then running the command.
After enabling sandboxing, you will see a special content process named MsMpEngCP.exe with fewer permissions running alongside the standard MsMpEng.exe antimalware process.
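If you would rather script the steps above and confirm the result, here is an added PowerShell helper (example code written for this page, not part of the original article and not Microsoft's own tooling). It wraps the same setx command, and after the reboot checks that the MsMpEngCP.exe content process is actually present next to MsMpEng.exe; the function names are my own, while MP_FORCE_USE_SANDBOX and the two process names come from the article.

```powershell
# Added example: enable/disable the Windows Defender sandbox flag and verify it.
# Assumes Windows 10 version 1703 or newer, run from an elevated PowerShell window.

function Test-IsAdministrator {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Set-DefenderSandbox {
    param([Parameter(Mandatory)][ValidateSet('1', '0')][string]$Value)
    if (-not (Test-IsAdministrator)) {
        throw 'Run this from an elevated (Administrator) PowerShell window.'
    }
    # setx /M writes the machine-wide variable; the antimalware service only
    # picks it up when it starts, which is why the article tells you to reboot.
    & setx.exe /M MP_FORCE_USE_SANDBOX $Value | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "setx failed with exit code $LASTEXITCODE" }
    Write-Host "MP_FORCE_USE_SANDBOX is now $Value. Restart the PC for it to take effect."
}

function Get-DefenderSandboxStatus {
    # Read the Machine scope so we see what setx /M wrote, not this session's stale copy.
    $flag    = [Environment]::GetEnvironmentVariable('MP_FORCE_USE_SANDBOX', 'Machine')
    $engine  = Get-Process -Name MsMpEng   -ErrorAction SilentlyContinue
    $content = Get-Process -Name MsMpEngCP -ErrorAction SilentlyContinue
    [pscustomobject]@{
        FlagConfigured     = ($flag -eq '1')
        EngineRunning      = [bool]$engine
        ContentProcRunning = [bool]$content
        # Only "active" when the flag is set AND the low-privilege content process exists.
        # A set flag with no MsMpEngCP.exe usually means the PC has not been rebooted yet.
        SandboxActive      = (($flag -eq '1') -and [bool]$content)
    }
}

# Usage:
#   Set-DefenderSandbox -Value 1    # enable, then reboot
#   Set-DefenderSandbox -Value 0    # undo the change (the article's "replace 1 with 0"), then reboot
#   Get-DefenderSandboxStatus       # verify after the reboot
```

If Get-DefenderSandboxStatus reports FlagConfigured as true but ContentProcRunning as false, the most likely explanation is simply that the machine has not been restarted since the flag was set.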
We were once pretty critical of Microsoft’s antivirus, but we think the latest versions are pretty good. We recommend using Windows Defender to keep your PC secure without any of the upsells and bugs that third-party antivirus software brings to the table. And it’s included by default with Windows 10, so all Windows users finally have a solid antivirus.
We just wish Microsoft’s antivirus was more aggressive about blocking crapware by default.