Windows Defender Antivirus can run in a sandbox on Windows 10, from version 1703 onwards.
What does this mean?
By placing Windows Defender Antivirus inside a sandbox, Microsoft makes it very difficult for malware developers to gain access to critical system features, because sandboxed programs are isolated from the rest of the system, with extremely limited access to memory and minimal resources on the disk.
Microsoft decided to run Windows Defender Antivirus in a restricted process environment after too many security researchers described the antivirus solution as a program that can itself be used for attacks!
Windows Defender Antivirus runs with administrator and system privileges so that it can constantly monitor for and destroy malicious attacks, which makes it an ideal target for attackers who want a simple way to obtain administrator privileges on the victim's system.
With Windows Defender Antivirus, the default Windows antivirus solution, running in a sandbox, Microsoft wants to be sure that anyone who manages to exploit a Windows Defender security flaw will not be able to acquire system or administrator rights.
Windows Defender Antivirus and the rest of the Windows Defender ATP stack integrate with other Microsoft 365 security components to form the new Microsoft Threat Protection.
Although Microsoft is opening the Windows Defender Antivirus sandbox feature only to Windows Insiders, other Windows 10 users can also enable it from a command prompt.
Open a Command Prompt window with Administrator rights (type cmd in Windows search, right-click the icon that appears and choose to run it as administrator). When the window opens, type the following command and press Enter:
setx /M MP_FORCE_USE_SANDBOX 1
That's it: you have just added another security feature to your system!
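To confirm that the setting took effect, the following PowerShell check is an added example, not code from Microsoft or from this article. It assumes that version 1703 corresponds to build 15063 and that, as Microsoft's announcement of the feature describes, the sandboxed content process appears as MsMpEngCP.exe once the machine has been restarted; the function name Test-DefenderSandbox is hypothetical.

```powershell
# Added example: checks whether the Defender sandbox is configured and running.
# Test-DefenderSandbox is a hypothetical helper name, not a built-in cmdlet.
function Test-DefenderSandbox {
    [CmdletBinding()]
    param()

    # Assumption: Windows 10 version 1703 is build 15063; older builds lack the feature.
    $minBuild = 15063
    $build    = [Environment]::OSVersion.Version.Build

    # setx /M writes to the machine scope, so read that scope explicitly.
    # $env:MP_FORCE_USE_SANDBOX only reflects the current session and can be stale.
    $value = [Environment]::GetEnvironmentVariable('MP_FORCE_USE_SANDBOX', 'Machine')

    # MsMpEng is the privileged Defender service process.
    # MsMpEngCP is the low-privilege content process that exists only when sandboxed.
    $engine  = Get-Process -Name 'MsMpEng'   -ErrorAction SilentlyContinue
    $content = Get-Process -Name 'MsMpEngCP' -ErrorAction SilentlyContinue

    $status = if ($build -lt $minBuild) {
        'Unsupported Windows build'
    } elseif ($value -ne '1') {
        'MP_FORCE_USE_SANDBOX is not set to 1 at machine scope'
    } elseif (-not $engine) {
        'Defender engine (MsMpEng) is not running'
    } elseif (-not $content) {
        'Variable is set, but the sandboxed process is absent (restart pending?)'
    } else {
        'Sandbox active'
    }

    [pscustomobject]@{
        Build              = $build
        MachineVariable    = $value
        EngineRunning      = [bool]$engine
        SandboxProcessSeen = [bool]$content
        Status             = $status
    }
}

Test-DefenderSandbox | Format-List
```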
Watch the Microsoft video
https://www.youtube.com/watch?v=Xy3MOxkX_o4