Windows Sandbox – Once you boot it, you’ll not want to lose it

In this post I will cover what Windows Sandbox is, why it is still a valuable tool and how to get started with it.

Overview

I’ve been speaking to a number of IT professionals and many have either never used Windows Sandbox or even heard of it.

Microsoft introduced the Windows Sandbox feature in Windows 10 1903, so it has been around for quite a while. Microsoft sought to overcome the issue of how you quickly test software on a device without the need to buy a second workstation or deploy Virtual Machines.

  • Windows Sandbox is a Virtual Machine with a twist.
  • When it boots it creates a a sandboxed Windows environment.
  • It securely reads many of the host’s system files to support the VM.
  • When you shut it down, it destroys itself. Leaving nothing behind.
  • You can copy and paste to it and it has internet access by default.

In the most recent Windows 11 builds, you can now restart the Sandbox and it will retain its state. Shutting it down still destroys the VM.

This makes it an ideal tool for quick test and dev work.

Prerequisites

  • Windows 10 Pro, Enterprise or Education build 18305 or Windows 11 (Windows Sandbox is currently not supported on Windows Home edition)
  • AMD64 or (as of Windows 11 Build 22483) ARM64 architecture
  • Virtualization capabilities enabled in BIOS
  • At least 4 GB of RAM (8 GB recommended)
  • At least 1 GB of free disk space (SSD recommended)
  • At least two CPU cores (four cores with hyperthreading recommended)

How to Enable Windows Sandbox

A simple tick box is all that is needed!

  1. From the Windows desktop, select Start and type “features
  2. From the results, select Turn Windows features on or off.
  3. Scroll to the bottom of the Windows Features window and tick Windows Sandbox.
  4. When prompted, restart the device.

Explore Windows Sandbox

Once enabled and following the restart, you can now find Windows Sandbox in the Start Menu.

Clicking it will launch a brand new virtual machine running Windows. There is no need to login and you already have admin rights.

Out of the box you can:

  • Browse the internet (keep in mind, you can also browse the local network!)
  • Copy and Paste through the console
  • Run Powershell and Powershell ISE consoles
  • Install software

You cannot:

  • Update Windows
  • Make any persistent changes
  • Turn Windows features on or off
  • Browse the Microsoft Store
  • Add additional disks to compliment the 40GB system disk.

Note: The VM shares some system files with the host Operating System. Although the Settings app may show an older feature update of Windows in use (in Windows 10 it says 2004), in fact it is running whichever feature update version you currently have. See point number 2 in the comment below from Paul Bozzay, a Microsoft developer familiar with Windows Sandbox:

Customising Windows Sandbox

It is possible to control the following elements of the Sandbox by using a configuration file:

  • vGPU (virtualized GPU)
  • Networking
  • Mapped folders
  • Logon command
  • Audio input
  • Video input
  • Protected client
  • Printer redirection
  • Clipboard redirection
  • Memory in MB

Let’s look at how to do two common ones. We are going to:

  1. Disable network access
  2. Increase the RAM

Open Notepad and paste in the below fairly self explanatory four lines of XML code:

<Configuration>
 <Networking>Disable</Networking>
 <MemoryInMB>8192</MemoryInMB>
</Configuration>

Save the file with a name of your choice and with the file extension .wsb

For example: Sandbox-8GB-NoNetworking.wsb

You will notice that the file icon will change to the Windows Sandbox icon as long as Windows Sandbox has been enabled.

Open the file to boot a Windows Sandbox VM with 8GB memory and networking disabled.

To close it, select the X at the top right or shut down the VM via the Start Menu within the VM itself.

Conclusion

Windows Sandbox provides a fast way to test software and is easy to set up. One draw back is that in the Windows 10 version, you cannot test software that requires a restart because restarting will destroy the state of the VM. You can overcome this by using Windows 11’s Windows Sandbox implementation.

If you are using it to test untrusted files then it is important that you understand how the VM interacts with the host Operating System. I recommend reading the Windows Sandbox architecture deep dive from Microsoft here:

To make use of all the available customisations, check out the Microsoft documentation here:

Advertisement