1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Win 10 Defender _ sandbox

Discussion in 'General Network Security' started by AndreiV, Mar 22, 2019.

  1. AndreiV

    AndreiV Very Senior Member

    Joined:
    Aug 25, 2015
    Messages:
    731
    Location:
    пішли на риболовлю
    L&LD and CrystalLattice like this.
  2. AndreiV

    AndreiV Very Senior Member

    Joined:
    Aug 25, 2015
    Messages:
    731
    Location:
    пішли на риболовлю
    The article didn't mention turning the sandbox off .

    Run the command again replacing "1" with "0".

    Code:
    setx /M MP_FORCE_USE_SANDBOX 0
     
    L&LD likes this.
  3. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,105
  4. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    13,991
    Location:
    San Diego, CA
    Really odd feelings here - for an AV to be effective, it really cannot be in a sandbox, lest it misses things that affect the WinNT kernel directly, or goes as Admin privs...

    Only folks I would trust at that level, unfortunately, is Microsoft for Windows...
     
    L&LD likes this.
  5. AndreiV

    AndreiV Very Senior Member

    Joined:
    Aug 25, 2015
    Messages:
    731
    Location:
    пішли на риболовлю
    Err , it works, it is proven and it is Microsoft.

    The processes are run at lowest privileges and prevent malware executing and compromising the system , the data stays within the sandbox.

    https://www.microsoft.com/security/...-defender-antivirus-can-now-run-in-a-sandbox/

    There are plenty of other write ups at Microsoft.

    Tavis Ormandy described it as a game changer.

    https://www.howtogeek.com/fyi/windo...-secure-sandbox-mode-heres-how-to-turn-it-on/
     
  6. coxhaus

    coxhaus Part of the Furniture

    Joined:
    Oct 7, 2010
    Messages:
    2,657
    Location:
    texas
    This looks interesting. I may try it on a couple of machines.
     
  7. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    30,248
    Location:
    Canada
    From what I understand, the antivirus is split in two. There's the part that accesses the system data to be analyzed (let's call it "the scanner process"), which then pass it along to an "analyzer process" that runs with low privileges, and which does the actual analyzing/unpacking/scanning task. So if an object passed to the analyzer tries to exploit a flaw in the engine (for example, if there was a flaw in the unzip engine), the only thing compromised then is that process that has no system privileges.
     
  8. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    13,991
    Location:
    San Diego, CA
    Yep - Defender is the only AV I would trust on Windows...
     
    L&LD likes this.
  9. coxhaus

    coxhaus Part of the Furniture

    Joined:
    Oct 7, 2010
    Messages:
    2,657
    Location:
    texas
    I installed it on a laptop and a desktop.
     
    L&LD likes this.
  10. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,105
    Any difference in the systems? Slowdowns or stalls? What kind of hardware specs on those?
     
  11. coxhaus

    coxhaus Part of the Furniture

    Joined:
    Oct 7, 2010
    Messages:
    2,657
    Location:
    texas
    I have noticed any difference yet but I have only used it for an hour or so. I installed it right after the Microsoft Win10 update tonight.

    They are both Dell's with I7 CPUs.
     
    L&LD likes this.