Windows Sandbox

Very practical feature, some tests can be run in the sandbox without damaging the host, no need to configure a virtual machine.
Windows Sandbox provides a lightweight desktop environment where applications can run safely in an isolated state. Software installed in the Windows Sandbox environment remains in a "sandbox" state and runs separately from the host.

The sandbox is temporary. When closed, the system will delete all software, files, and states. Each time the application is opened, a brand new instance of the sandbox is obtained. However, please note that starting from Windows 11 Insider Preview Build 22509, data will be preserved through a restart initiated from within the virtualized environment, which is useful for installing applications that require a restart of the operating system.

Software and applications installed on the host do not appear directly in the sandbox. If a specific application needs to be run in the Windows Sandbox environment, the corresponding application must be installed within the sandbox environment.

Windows Sandbox has the following attributes:

  • Component of Windows: Everything required for this feature is included in Windows 10 Pro and Enterprise editions. No need to download VHD.
  • Native: Each time Windows Sandbox runs, it is clean like a freshly installed Windows.
  • Disposable: No content is retained on the device. When the user closes the application, the system discards all content.
  • Secure: Kernel isolation using hardware-based virtualization. It relies on Microsoft's hypervisor to run a separate kernel that isolates Windows Sandbox from the host.
  • Efficient: Integrated kernel scheduler, intelligent memory management, and virtual GPU.


Windows Sandbox enables network connectivity by default. You can disable it using a sandbox configuration file Windows Sandbox configuration file.

Windows Versions and Licensing Requirements#

The following table lists the Windows versions that support Windows Sandbox:

Windows 10 ProWindows 10 EnterpriseWindows 10 Pro Education/SEWindows 10 Education

Windows Sandbox licensing rights are granted by the following licenses:

Windows 10 Pro/Pro Education/SEWindows 10 Enterprise E3Windows 10 Enterprise E5Windows 10 Education A3Windows 10 Education A5

For more information about Windows licensing, see Windows Licensing Overview.


  • ARM64 (for Windows 11 version 22H2 and later) or AMD64 architecture for ARM64.
  • Virtualization feature enabled in BIOS.
  • At least 4GB of memory (8GB recommended).
  • At least 1GB of available disk space (SSD recommended).
  • Hyperthreading recommended (at least two CPU cores).


Windows Home edition currently does not support Windows Sandbox.


  1. Make sure your computer is running Windows 10 Pro or Enterprise edition with build number 18305 or Windows 11.

  2. Enable virtualization feature in your computer.

    • If you are using a physical computer, make sure virtualization feature is enabled in BIOS.

    • If you are using a virtual machine, run the following PowerShell command to enable nested virtualization feature:
      PowerShell code

      Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true
  3. Use the search bar on the taskbar and type Turn Windows features on or off to access the Windows Optional Features tool. Select "Windows Sandbox" and click "OK". If prompted to restart your computer, do so.
    If the "Windows Sandbox" option is not available, it means your computer does not meet the requirements to run Windows Sandbox. If you believe this analysis is incorrect, please review the prerequisites list and steps 1 and 2.

    To enable Sandbox using PowerShell, open PowerShell as an administrator and run the following command:

    PowerShell code

    Enable-WindowsOptionalFeature -FeatureName "Containers-DisposableClientVM" -All -Online
  4. Find and select "Windows Sandbox" from the Start menu to run it for the first time.

    Windows Sandbox does not follow the mouse settings of the host system, so if the host system is set to use the left-handed mouse, you must manually apply these settings in Windows Sandbox when it starts. Alternatively, you can run a login command using a sandbox configuration file to swap the mouse settings. For an example, see Example 3.


  1. Copy an executable file (and any other files required to run the application) from the host and paste them into the "Windows Sandbox" window.
  2. Run the executable file or installer in the sandbox.
  3. After completing the experiment, close the sandbox. A dialog box will appear asking if you want to discard and permanently delete all sandbox content. Select "OK".
  4. Confirm that the host does not display any modifications made in Windows Sandbox.
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.