The internet can be a dangerous place, and there is more at stake if your device is compromised by malware than ever. Your passwords could be stolen, sensitive details, like your bank information, social security number, or medical information could fall into the wrong hands. If nothing else, it is just extremely inconvenient to have a PC infected with malware.
Luckily, if you have the Pro version of Windows 11, there is a fantastic tool built-in that lets you test programs in advance to see if they’re actually malware masquerading as a normal program.
What is Windows Sandbox?
Windows Sandbox (WSB) is a special virtual machine available in Windows 11 Professional (or higher) editions.
Windows Sandbox always launches the same version of Windows that you have currently installed on your PC. So, if you have Windows 11 with 25H2 and the latest updates installed, any Sandbox instances you open will have them too.
Unlike most virtual machines, Windows Sandbox completely wipes itself every time you close it and reopen it. Nothing you do is permanent, and that is part of what makes it such a useful tool.
Windows Sandbox makes testing programs safer
Virtual machines are always isolated from the host device (which is your physical PC) to some degree, and that isolation provides a huge security benefit. Under normal circumstances, malware can’t “escape” the virtual machine to infect your real PC.
It is technically possible for malware to escape from a VirtualMachine and infect your device, but it is pretty rare. Your run-of-the-mill malware isn’t likely to be sophisticated enough to do it.
That means you can use Windows Sandbox, which automatically wipes itself, to test out any software that you don’t completely trust in a relatively safe environment. After you get a look at what it does, you can decide whether or not you want to install it on your PC.
As an added precaution, you can always download the programs you want to test in advance and then disable the Hyper-V network adapter before installing them. That ensures that if you do install something malicious in Windows Sandbox that it can’t spread to a vulnerable device on your network.
I don’t usually bother with that when testing a program I’m unsure of, but I always do it when I’m experimenting with known malware.
Troubleshooting problems is easier in a sandbox
Sometimes, when a program or Windows crashes, you can’t immediately tell what has gone wrong. Is it a driver incompatibility? A hardware incompatibility? Is it a corrupted file?
If you’re lucky, the problem program will generate some kind of error log that might point you in the right direction. However, if they don’t, narrowing down what the problem is can be time-consuming and frustrating. This is another area where Windows Sandbox can shine.
Since Windows Sandbox is disposable—the entire thing is deleted every time you close it—you don’t need to worry about tweaks you made to your system affecting the app you’re testing.
In practice, this lets you rule out a few things when trying to debug a crash-happy application. For example, if you launch the program in Windows 11 Sandbox and on your regular “bare metal” Windows 11 installation, if it crashes on your bare metal PC but not the Sandbox, you can be reasonably sure that a compatibility issue with Windows isn’t the issue.
You’re also free to fiddle with settings, tweak the Windows Registry, or apply dubious fixes and patches that aim to fix the problem without worrying about breaking your regular PC.
Setting up Windows Sandbox on Windows 11
One of the best parts of the Sandbox is just how incredibly easy it is to use and setup.
To enable it, search for turn windows features on or off in the Start Menu, then click the matching result.
Scroll until you find the entry for Windows Sandbox, then tick the box next to it.
You’ll need to restart your PC, but other than that, you’re done. From here out, all you need to do is search Windows Sandbox in the Start Menu to launch a Sandbox.
Alternatives to Windows Sandbox for Windows 11 Home
If you don’t have Windows 11 Pro, you can’t use the Sandbox, but that doesn’t mean you can’t get the benefits of a virtual machine (VM) test bed. You just need to use something like VirtualBox instead.
Realistically, it provides most of the same benefits. The only real downside is that VirtualBox VMs don’t automatically and instantly reset every time, so you’ll need to manually delete and recreate them.
How else can you test applications?
If you don’t have Windows 11 Pro to run Windows Sandbox, and you can’t run a virtual machine of another kind, there are a few other big things you can do to minimize your risk.
Run everything through VirusTotal
VirusTotal is website that ties together dozens of different antivirus services in one convenient package. All you need to do to use it is to attach the program you want scanned. After a moment, it’ll return results from all of the services simultaneously.
There are also often public comments relating to files that have previously been uploaded, which means you may be able to find out if other people have had an issue.
I don’t run most of the applications I try out through VirusTotal in advance, since I’m usually pretty confident that they’re safe from the onset. However, if I download something from a suspicious source, or if it is acting strangely, VirusTotal is a fantastic resource. As a precaution, everything I write about at How-To Geek goes through VirusTotal too.
Read Reviews
Though reviews aren’t everything, an overtly malicious app will usually spur some conversation on the internet. Whenever I can, I skim reviews and discussions about an app before I install it.
There are no absolute security guarantees on Windows or any other operating system, but a bit of caution combined with a Windows Sandbox disposable virtual machine, you can add another layer of security to your PC that just might save you a huge headache.
