Windows Defender Antivirus Now Has Sandbox Support

Windows Defender Antivirus can now run inside a sandbox on Windows 10, version 1703 or later, making it the first anti-malware solution for Windows capable of such a feat. 

By placing Windows Defender Antivirus inside a sandbox, Microsoft has made it very hard for malware developers to obtain access to critical system modules seeing that while being sandboxed programs are entirely isolated from the rest of the system, having extremely limited access to both memory and disk resources.

Enabling a restricted process execution environment for running Windows Defender Antivirus is a decision taken by Microsoft after receiving a lot of feedback from security researchers who marked the high privileged antivirus solution as a high-risk attack vector.

Windows Defender Antivirus uses high privileges to be able to continuously monitor and defeat malicious attacks, which makes it the perfect target for attackers who want a simple way to trigger a privilege escalation conditio... (read more)

No comments:

Post a Comment