Microsoft's Releasing a new 'Office' app for Windows 10

Microsoft's Releasing a new 'Office' app for Windows 10

"Any software installed in Windows Sandbox stays only in the sandbox and can not affect your host".

The security update is also available for Windows 7, Windows 8.1, and Windows Server.

While the Office App for Windows 10 appears to be a polished version of the My Office experience, equipped with new Office icons and all, it's also a PWA developed app that brings the denser functionality from Office.com to the desktop. That feature has now been officially announced with a new name, Windows Sandbox.

A few hours ago Microsoft published a blog post, in the Windows Kernel Internals section, detailing "a new lightweight desktop environment tailored for safely running applications in isolation".

More news: Senate to vote Wednesday on stopgap funding bill

Malicious application specifically created to bypass the Windows Sandbox will likely appear in the future, but the feature significantly raises the bar for most malware out there. Sandboxes or virtual machines trick software into thinking it is running natively on a PC, while only actually allowing it to perceive specific, isolated portions of the host PC's hardware and software resources.

For that reason, Windows 10 Home users won't be able to access the sandbox feature. Underneath, it uses Windows Containers tech and employs dynamic links to the host's system files on disk and in RAM. "It's now available to Windows Insiders (Fast) and will roll out to all Windows 10 users soon". This means that if the sandbox has a low priority thread, it can be displaced by a higher priority thread from the host.

Another "hybrid" design choice that Microsoft made was in how Sandbox shares memory with the host system.

BleepingComputer has reached out to Microsoft with numerous questions regarding whether installed apps will be included in the sandbox, but had not heard back at the time of this article. It uses hardware-based virtualization for kernel isolation and boasts integrated kernel scheduler, smart memory management, and virtual GPU. Named for the private browsing mode of the company's Edge web browser, InPrivate Desktop was claimed to add an integrated, high-performance virtual machine (VM) to Windows 10 which can be fired up to run a single untrusted application and automatically 'recycled' when the app is closed, insulating the host operating system from any ill effects.

Related Articles