Windows Defender can now run in a sandbox

Full details on it here:

https://cloudblogs.microsoft.com/mi...-defender-antivirus-can-now-run-in-a-sandbox/

But in essence, run the following from an elevated command prompt then reboot:

setx /M MP_FORCE_USE_SANDBOX 1

Trying it out and so far I've noticed no slowdowns.

Interesting, thanks for finding that.

For those who don't appreciate why this is a good thing, Windows Defender naturally runs with some fairly high privileges and is thus a prime target for malware attacks. By running Windows Defender in a sandbox any malware that does manage to infect it can't affect the rest of the system.

The general trend in anti-malware now is moving towards isolation rather than detection (or I should say, as well as detection). Malware running in an isolated sandbox is like a vrius in a contained environment - it's still alive but it can't hurt anyone. Isolation provides guaranteed protection against zero-day attacks too.

thats quite decent