Software experts from Trail of Bits — a well-known security R&D company — have sandboxed Windows Defender, the default antivirus solution that ships with recent Windows editions.

Sandboxing is a technical term that describes the act of running an application inside a dedicated container. These containers are usually very restricted and prevent an attacker that exploits the app from reaching the underlying operating system.

Current versions of Windows Defender aren't sandboxed

As surprisingly as it sounds, Windows Defender, a crucial part of the Windows OS does not run in a sandboxed environment by default, despite the product — in various forms and names — being part of the Windows app portfolio for 13 years.

Microsoft acquired GIANT AntiSpyware in 2004, and it used it as the starting point for the Defender app.

Other modern-day apps such as Chrome or the Java virtual machine use app containers (sandboxes) to protect users against vulnerability exploitation.

Researchers release "app sandboxing" framework

The Trail of Bits team has put together a framework coded in Rust that runs Windows applications inside their own AppContainers. Researchers open-sourced this framework — named AppJailLauncher — on GitHub.

"It [...] allows you to wrap the I/O of an application behind a TCP server, allowing the sandboxed application to run on a completely different machine, for an additional layer of isolation," said the Trail of Bits team about AppJailLauncher.

The research team also open-sourced the sandboxed version of Windows Defender on GitHub as well — via the project named Flying Sandbox Monster.

This sandboxed version is for 32-bit versions of Windows only and sandboxes Windows Defender's core component — the Malware Protection Engine (MsMpEng).

Severe bugs found in Windows Defender in the past months

In the past few months, Google engineers part of the Project Zero security team have shown how vulnerable this component is, discovering multiple bugs that could be exploited to take full control over vulnerable machines [1, 2, 3].

Some of these bugs were so dangerous that a simple email or malicious JavaScript file would have been enough to compromise victims.

Microsoft has focused in the past few years on improving Windows security. Compared to previous OS versions, Windows 10 is extremely well protected.

Microsoft engineers have sandboxed some Windows apps. For example, the JIT code compiler in Microsoft Edge is running in a sandbox. Applications such as Device Guard also detect and prevent exploitation of common vulnerabilities, keeping Windows systems safe.

Performance is the reason we don't have a Defender sandbox

As many experts commenting on Trail of Bits' experiment have pointed out [1, 2], a reason why Microsoft chose not to use a sandbox for Windows Defender might be related to the app's potential performance dip.

The Trail of Bits experiment was just a proof-of-concept in showing that Windows Defender can be sandboxed but did not focus on performance-related metrics. The technical details of implementing the Windows Defender sandbox are detailed here.