Researchers sandbox Windows Defender and here are the results

By: Costea Lestoc
2 minute read

The software experts from Trait of Bits, a well-known security R&D company sandboxed Windows Defender to see what could happen.

In case you didn’t know, sandboxing is a tech term that refers to the act of running an app inside a dedicated container. These containers are extremely restricted, and they prevent attacker’s from exploiting OS and app vulnerabilities.

Windows Defender doesn’t run in a sandboxed environment

Windows Defender has been an essential part of the Windows app portfolio for 13 years, but it doesn’t run in a sandboxed environment by default. Modern apps such as Chrome or the Java virtual machine use app containers to protect their users against cyber attacks.

Severe bugs flooded Windows Defender

During the past months, Google engineers (part of the Project Zero security team) have proven the high vulnerability of Windows Defender by exposing multiple bugs. Hackers could exploit these security issues to to take full control over vulnerable machines.

Microsoft engineers did sandbox a few Windows apps such as Device Guard to keep Windows systems safe. Compared to previous operating systems, Windows 10 is extremely well protected.

The AppJailLauncher sandboxing framework

The ToB team developed a framework coded in Rust that runs Windows apps inside their own sandboxes. They also open-sourced the framework on GitHub. You will find it there as AppJailLauncher.

The AppJailLauncher will allow you to wrap the I/O of an app behind a TCP server allowing the sandboxed app to run on an entirely different machine for stronger security.

The researchers have also open-sourced the sandboxed version of Windows Defender on GitHub through the project called Flying Sandbox Monster.

The experts from Trail of Bits have also pointed out the reason for which Microsoft didn’t sandbox Windows Defender – it’s all about the app’s potential performance dip. However, team proved that Windows Defender can be sandboxed without affecting performance-related metrics.

RELATED STORIES TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading

Discussions