Windows Sandbox is a temporary virtual desktop environment designed to run untrusted software.  The isolated environment allows testing or running software without the fear of affecting your host computer.  Windows Sandbox also has a built-in browser and network support, so you can test opening a suspicious link/website.  The Windows Sandbox is a lightweight, clean virtual machine designed to open quickly and wipe all changes when the sandbox is closed.


  • Windows 10 Pro or Enterprise Insider build 18305 or later (1903 is supported)
  • AMD64 architecture
  • Virtualization capabilities enabled in BIOS
  • At least 4GB of RAM (8GB recommended)
  • At least 1 GB of free disk space (SSD recommended)
  • At least 2 CPU cores (4 cores with hyperthreading recommended)

Enable the Windows Sandbox feature:

From the start menu search for and launch ‘Turn Windows features on or off’.

Check the box for Windows Sandbox and click Ok.

Restart your computer if prompted to do so.

Running Windows Sandbox:

From the Start Menu search for Windows Sandbox.

Right Click on the app and Run as Administrator.

The Windows Sandbox will launch.  You can see it has Microosft Edge installed and should be ready for internet access if your host has internet access.

Windows Sandbox will allow you to copy files such as an executable you wish to test with a right click copy and right click paste into the Sandbox.

You can now do all your testing and then X out of the Windows Sandbox.  You will be greeted with this prompt reminding you that all changes are permanently lost when the Sandbox is closed.  This is by design and there is not a way to preserve changes.

Testing Malicious software or links in Windows Sandbox:

Important to note that if you plan to use Windows Sandbox to test malicious software or an environment to test suspicious websites you should have the Host computer on a segregated network.