It's not common to find free software that seems as rich in features and performance as its commercial rivals, but Windows Defender is probably one of the best free antivirus and anti-malware solutions out there. Many trust it enough that they do not use an additional antivirus solution, and Microsoft takes that responsibility seriously by constantly checking the capabilities of the software.
In a brand new Windows Insider build, a massive overhaul of Defender can be found. After years of identifying the best direction for Defender, Microsoft decided that implementing sandboxing was the only sensible way forward, a technique already used in many software programs.
Windows Security Center in Windows 1
Microsoft notes that redesigning Defender to use sandboxing is not an easy task, but it's an important way to spend developer effort, as it really could save someone's bacon (or veggie bacon) when they are hit by a malicious piece of software. When a threat occurs, Defender now keeps it in the sandbox, preventing it from infecting the rest of the system and causing more corruption.
Microsoft admits that sandboxing was ultimately implemented because privilege escalation would be possible with the current design, though the official blog entry states that there is no indication that the design is being exploited (and that doing so is extremely difficult). Breaking out of a sandbox is "so much more difficult with the latest versions of Windows 10", according to the post.
App Protection in Windows Defender
For the average Joe or Jill, implementing a sandbox may not seem like a big deal, but there are extremely important precautions to take. Of course, a sandbox still needs access to the main system, which means that performance can be dragged down if there is too much back and forth between the host operating system and the Defender sandbox. At the same time, the implementation has to be as safe as possible.
Challenges have included reducing I/O costs, which is very important for older hardware, and being smarter about which bits of data are sourced from a potentially infected file, rather than scanning the entire thing. You can imagine how hungry Defender would become if you wanted to extract a large archive; this basic process can already be slowed down by Defender, and sandboxing could technically make it even worse. Not that you would complain too much about the performance impact if it manages to make your PC more secure.
If you're running the latest preview version of Windows 10, you should now have instant access to the initial version of this sandbox-enabled Defender. The rest of us have to wait while it goes through many beta tests. And after the update debacle in October, it's smarter than ever to take the "more secure" approach when it comes to new Windows features.