If a user has administrative rights, the attacker would get these rights as well; this would allow the attacker to install and run software, and modify system settings among other things.
When it ships, Windows Sandbox will allow users to run potentially risky executables and other files in an isolated environment. It's an extension of a feature that's already part of Windows 10 that will let you run whatever app you want in a dynamically created and destroyed VM. After closing the Windows Sandbox, all of the software's state and files are permanently deleted.
Note that this feature is only coming to Windows 10 Pro and Enterprise, so it's mainly aimed at businesses and professional users. "So rather than paying the full cost of booting the sandbox operating system every time we start Windows Sandbox, we use two other technologies; "snapshot" and "clone", Microsoft explains.
Malicious application specifically created to bypass the Windows Sandbox will likely appear in the future, but the feature significantly raises the bar for most malware out there. Here's what you need to know. From your main computer (host) copy the executable file and paste it inside the Windows Sandbox environment.More news: IPL auction: Chakravarthy, Unadkat emerge most expensive buys at Rs 8.40 crore
More news: White House communications official says President Trump 'very focused' on wall funding
More news: Why Trump can't count on the Supreme Court to kill Obamacare
Basically, think of it as a virtualised version of Windows, running on its own kernel, yet clocking in at a mere 100MB and isolated from the outside world.
The Office app was released under the Windows Insiders (Fast) program, meaning it will be available to all Windows 10 users for free very soon.
It is not known if your installed applications on the host OS will also be available in the Windows Sandbox.
The host and the sandboxed applications will also share the same physical memory pages, but Microsoft claimed that this is done in a secure way, so that no secrets are shared. It uses hardware-based virtualization for kernel isolation and boasts integrated kernel scheduler, smart memory management, and virtual GPU. It's just not necessary, thanks to OneDrive integration with Windows 10 and the Most Recently Used (MRU) document functionality in all Office applications. Older cards use software-emulated graphics.