In its latest announcement, Microsoft has reported that Windows Defender will be the first antivirus to have the opportunity of running inside a sandbox. This news come as Windows 10 October update’s new public rollout nears as Microsoft fixes more bugs.
Sandbox is said to be a security mechanism that operates seamlessly by separating a process inside a tightly controlled area of the operating system that gives that process access to limited disk and memory resources, probably in a bid to facilitate effective operations.
Running a Windows Defender antivirus in a Sandbox is meant to prevent bugs and exploitation of the code from spreading from a process to another. This is to be seen as a kind of protection for the software which prevents it from vulnerabilities of outside predators.
This move for some time has been regarded by software experts as the optimal security measure for the software and its accompanying architecture. A sandbox escape is seen as one of the most complex pieces of exploitation malware.
Microsoft has also released a statement which clarified the progress being made. The statement said that soon Windows insiders will have this capability enabled. This will also lead to new information being gathered as means of refining the implementation.
However, users can’t wait until when the firm finishes testing the feature. Some can also enable it now. Of course, support for Windows Defender to run inside a sandbox environment has been silently added since Windows 10 version 1703. Users can enable it on their Windows 10 devices.
Microsoft said it began working with the idea soon after security researchers both inside and outside of the firm had identified several ways that a hacker or attacker can take advantage of vulnerabilities in Windows Defender antivirus’ content parsers that could enable random code execution.
Google’s Tavis Ormandy, one of the most infamous researchers, identified several ways that these vulnerabilities can be carried out. He also mentioned one that is called “crazy bad.”
Ormandy had privately and also publicly told Microsoft to move the Windows Defender antivirus into the Sandbox and prevent hackers from using it as a way to take over Windows computers.