Windows Defender Antivirus can run inside a sandbox on Windows 10, from version 1703 onwards.
What does this mean?
By placing Windows Defender Antivirus inside a sandbox, Microsoft makes it very difficult for malware developers to gain access to critical system features, because sandboxed programs are isolated from the rest of the system, with extremely limited access to memory and minimal resources on disk.
Enabling a restricted runtime environment for Windows Defender Antivirus is a decision Microsoft made when a great many security researchers characterized the antivirus solution as a program that can be used for attacks!
Windows Defender Antivirus uses administrator and system privileges to be able to constantly monitor and destroy malicious attacks, making it an ideal target for attackers who want a simple way to obtain administrator privileges in the victim's system.
With Windows Defender Antivirus, Windows' default antivirus solution, running in sandboxed mode, Microsoft wants to be sure that those who manage to exploit security holes in Windows Defender will not be able to gain system or administrator privileges.
Windows Defender Antivirus and the rest of the Windows Defender ATP stack are integrated with other Microsoft 365 security components to form the new Microsoft Threat Protection.
Although Microsoft makes the Windows Defender Antivirus sandbox feature available only to Windows Insiders, other Windows 10 users can also enable it from a command prompt.
Open a Command Prompt window with administrator permissions (in Windows search, type cmd, right-click the icon that appears and choose to open it as administrator). When the window opens, type the following command and press Enter:
setx /M MP_FORCE_USE_SANDBOX 1
That's it: you have just added another security feature to your system!
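To confirm that the setting was stored and that the sandbox is in effect, the following read-only PowerShell check can be run; it is an added example, not part of the original article or of Microsoft's tooling. It assumes, from Microsoft's announcement of the feature rather than from this page, that the sandboxed content process is named MsMpEngCP.exe and that the setting takes effect only after a restart; the function name Test-DefenderSandbox is made up for this example.

```powershell
# Added example: read-only verification of the Defender sandbox opt-in.
# Test-DefenderSandbox is a hypothetical helper name, not a built-in cmdlet.
function Test-DefenderSandbox {
    # Windows 10 version 1703 corresponds to build 15063.
    $build = [int](Get-CimInstance -ClassName Win32_OperatingSystem).BuildNumber

    # "setx /M" writes to the machine-wide environment, so read that scope
    # explicitly instead of the current process environment, which is stale
    # in any console that was opened before the change.
    $value = [Environment]::GetEnvironmentVariable('MP_FORCE_USE_SANDBOX', 'Machine')

    # MsMpEng is the privileged antimalware service process.
    # Assumption (from Microsoft's announcement, not from this page):
    # when the sandbox is active, a low-privilege content process named
    # MsMpEngCP runs alongside it.
    $engine  = Get-Process -Name 'MsMpEng'   -ErrorAction SilentlyContinue
    $content = Get-Process -Name 'MsMpEngCP' -ErrorAction SilentlyContinue

    $status =
        if ($build -lt 15063)    { 'Unsupported build (needs 1703 or later)' }
        elseif ($value -ne '1')  { 'Opt-in variable not set at machine scope' }
        elseif (-not $engine)    { 'Defender service process not running' }
        elseif (-not $content)   { 'Variable set, sandbox not active yet (restart pending?)' }
        else                     { 'Sandbox active' }

    [pscustomobject]@{
        Build            = $build
        OptInValue       = $value
        EngineRunning    = [bool]$engine
        ContentProcess   = [bool]$content
        Status           = $status
    }
}

Test-DefenderSandbox | Format-List
```

A status of "Variable set, sandbox not active yet" immediately after running setx is expected until the machine has been restarted.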
Watch the Microsoft video
https://www.youtube.com/watch?v=Xy3MOxkX_o4