Filter Articles

Filter by Year:

Filter by Category

Sort Order

Refine Search

Windows' built-in antivirus tool can run in a secure sandbox



Antivirus programs, by their nature, introduce a degree of risk. Since they have to scan malicious data to stop attacks (and thus need extensive permissions), a piece of malware that exploits antivirus flaws can typically run with impunity. That could be much more difficult if you're using Windows 10's built-in safeguards, though. Microsoft is gradually rolling out a Windows Insider preview where Defender Antivirus has the option of running in a sandbox - the first "complete" solution to do this, the company said. Should the worst happen and malware targets Defender Antivirus, any hostile actions will be limited to the antivirus tool's environment instead of running amok on your PC.

The sandboxing required a number of fundamental changes. Microsoft could no longer assume that Defender Antivirus had full system access, and minimized IO to avoid leaving the sandbox whenever possible. Most protection info is stored in memory-mapped files that are read-only on launch, and the actual content processes have very limited access.It's not certain when Defender Antivirus might become widely available. You can safely presume that many people will be watching this test release closely, though. Provided it works as expected, it would offer Windows users a safety net that would work even when malware creators try to undermine Defender Antivirus itself. While it wouldn't be a guarantee of security, it could offer some extra peace of mind.

Original Source:

Original Date: 10-27-18

Written By: Jon Fingas

Recent Articles

Google Voice Assistant AI May Start Calling Businesses to Confirm In Stock Delivery
Welcome Brett Maynard to the CPS Team!
June 2020 Newsletter Managed IT
TikTok - What is It and Can It be Considered a Viable Marketing Platform
Googles May 2020 Core Update Brings Substantial Volatility Spikes in SERPs
All Articles