What is Windows Sandbox, How to Install and Use Safely to Test Apps

Affiliate Disclosure
BinaryFork uses affiliate links. That means that when you will decide to buy or download something by clicking a link on our website, we may earn a small commission at no extra cost to you. This commission is meant to keep our website up and running. More details
  • Security threats are becoming more complex, but operating systems are fighting back to keep users secure.
  • Running untrusted programs and apps in a secure environment, called a sandbox is one way to make sure your data is safe.
  • Read on and find out what Windows Sandbox is, how to install on your machine and how to use it to test apps.
sand box

I’m no security expert and had my fair problems with computer viruses in the past. That was a while ago, and thankfully I’ve never lost important data to viruses, malware, or phishing. I’ve lost data to hard drives failing, overwriting important documents, and Google Drive sync issues recently, but that’s pretty much it.

I’m not what you would call very cautious when it comes to what I do and click online, but I generally know what not to do, so this is one reason I didn’t get into trouble.

If you’re not as lucky as I am I’m going to show you a way to test programs you don’t trust in a secure environment in Windows. This article is about an interesting security feature built into some Windows editions, called simply Windows Sandbox.

Let’s see what it does first.

What is Windows Sandbox?

A software sandbox is an isolated environment where you can safely run code that won’t have access to resources and data outside its container. This is a very safe way to test something without affecting the main system.

Windows Sandbox is a very lightweight desktop environment, a Windows Lite if you wish, where you can run software in isolation, or “sandboxed”.

windows sandbox logo

The Windows Sandbox is temporary: you open it, do your thing, and when you close it, the sandbox resets completely. Open it again and it’s like brand new. You can’t continue where you left off. There’s simply no resume.

Apps installed on your Windows machine are not available in Windows Sandbox. If you need them you have to install them again in the sandboxed environment.

Windows Sandbox is not available in the Home Edition of Windows, but it looks like there are ways to install it there if really needed. That’s because Windows Sandbox uses the virtualization options available in the Pro and Enterprise Editions to create a completely isolated sandbox from the kernel and the physical machine hardware.

It’s a bit complicated, I know, but the TLDR is that Windows Sandbox is a lightweight, fast and secure type of isolated virtual machine for testing programs you don’t trust or apps you don’t want to have access to your local machine hardware and its stored data.

How to Install Windows Sandbox

The Windows Sandbox environment is included in Windows 10/11 Pro, but it’s not active by default. It’s an Optional feature that you must activate separately.

Don’t worry: we have a guide for adding and removing optional features in Windows. Just pick Windows Sandbox from the list.

windows features sandbox

Make sure first that your system meets the requirements below. Also, go to your BIOS/UEFI and enable virtualization. It won’t work without it. You may need to check your motherboard’s manual to figure out where the option is located and how it’s called.

Windows Sandbox Requirements

You can’t run Windows Sandbox on any machine, so a few requirements need to be met firsthand. These are:

  • Windows 10 Pro, Enterprise, Education, Windows 11 Pro
  • AMD64 or ARM64 compatible CPUs (this covers almost everything)
  • Virtualization enabled in BIOS/UEFI
  • Minimum 4 GB RAM (8 GB recommended)
  • 1 GB free storage space
  • Minimum 2 CPU cores (4 cores with hyperthreading recommended)

A reboot will be required for the installation to complete, so save your work and go ahead.

How to Test Untrusted Apps in Windows Sandbox

After completing installation you can search for the Windows Sandbox app in the Start menu.

windows sandbox launch start menu

Launch it and you will be greeted in a few seconds with something that looks exactly like Windows.

microsoft sandbox running

You will need to copy the app installer you intend to install from your local machine into the sandbox. Just Copy and Paste from Windows Explorer into the Windows Explorer instance you will open inside the sandbox. Then double click to install. You know the drill.

You could also use the Microsoft Edge browser inside the sandbox to download the app if it’s hosted somewhere on the Internet because Windows Sandbox has access to the Internet automatically through your local connection.

windows sandbox install program
I’ve installed Firefox for testing Windows Sandbox

The sandboxed environment works just like the Windows you know and hate love. It’s also pretty fast for a VM. I was really surprised by how snappy and responsive it felt.

windows sandbox app running

Make no mistake, it’s a very lightweight version of Windows, just for testing purposes. So don’t expect every option to be available. This is what the Start menu looks like.

windows sandbox start menu options

Right now Windows Sandbox is not even able to reboot. So, if you’re installing an app that requires a system restart, you’re out of luck. Microsoft is working to bring this option starting with build 22509, but for now, it isn’t supported.

If you’re reading this article in the future here’s how to check your current Windows build number.

When you’re done testing, you can either shut down from the Start menu or close the Windows Sandbox application window. Either way, you’ll get a warning that everything will reset.

Virtual Machines as Alternatives

Maybe you’re asking why not use a virtual machine instead. You could, that’s right, but for something quick and dirty I think Windows Sandbox is a much better alternative.

Virtual Machine will take a bit more time to set up, but they come with extra features and full Windows functionality. If you’re planning to resume work then VMs are definitely the way to go.

For quick testing, I think Windows Sandbox is a convenient alternative.

I’ve tried something cool (I think): running Windows Sandbox into a virtual machine. For double safety, you know.

Microsoft says it’s possible, with a few tweaks, but I was not able to make it work. Maybe you’ll be luckier and let me know how you did it.

windows sandbox failed to initialize
Error 0x80370106 running Windows Sandbox in a VM

Before we end I think I need to mention that your private data, things like your credit card number and other sensitive personal info is not secure in an isolated sandbox if you’re willing to give it away to a shady website for example.

Providing that info into a website inside a sandbox is no different than doing it in your regular browser. I think it’s common sense, but also worth pointing out.

Avatar for JP
I'm obsessed with technology, science, and gadgets. I write about them since 2003. I make websites because I like to build stuff. I'm also passionate about digital marketing and graphic design. I watch movies and play games in my spare time. I'm also reading books, mostly SciFi.

Get notified when new posts are published

Subscribe and receive notifications for newly published articles.

We want to hear what you have to say:

Your email address will not be published.

Our readers appreciate heated debates, as long as they remain polite, so they ask for your respect, even if you don't completely agree with them. Thanks!

The written content on our website is available free of charge because of the ads we're showing. Please support our efforts and deactivate your AdBlocker when you visit our site. Thank you!

Get updates directly to your inbox

Subscribe and receive notifications for newly published posts.