The idea of having a fast, disposable VM in the palm of my hand appeals to me very much. It makes adding an extra layer of security to anything I want to do so easy – just launch the sandbox application in a matter of seconds and you’re done. Of course, that is considering the VM actually does the job it’s supposed to do…
A little disclaimer beforehand – I’ve read the article “Beware the perils of Windows Sandbox” at Magnitude8, describing how the Windows Sandbox comes with a NAT pre-enabled and thus any malware running on the guest would still get direct access to your intranet, which is already a large problem. But for the purpose of this question, let us just consider the host-guest scenarios.
Windows Sandbox claims to “achieve a combination of security, density, and performance that isn’t available in traditional VMs”, by leveraging a different approach to memory and disk management. If I understand things correctly, everything that in theory can be safely shared between the host and the guest gets shared. According to the official documentation, the Sandbox shares both the host’s immutable system files and the physical memory pages.
Despite that, Microsoft seems to remain confident that their solution is secure, as implied by one of the bullet points mentioned in the Sandbox overview:
Secure: Uses hardware-based virtualization for kernel isolation. It relies on the Microsoft hypervisor to run a separate kernel that isolates Windows Sandbox from the host.
This obviously raises a lot of questions, because at first glance, all this resource sharing should increase the attack surface greatly, leaving more space for exploits to be found. Also, even the most sophisticated technology, which changes only the implementation and not the design, does ultimately make the discovery of an exploit only more time- and resource-consuming, but not less possible, doesn’t it?
So, my question is:
Would you consider Windows Sandbox to be a viable alternative to conventional VM solutions in terms of security, or do the shortcuts used to achieve the performance undermine the VM’s core principles too much? Or am I just not understanding the technology and all of what the Sandbox is doing is technically safe?
An extra question: Does the situation change when we’re talking about a web-based attack, such as opening a malicious site in a browser from within the Sandbox, or does it come down to the same situation as running an infected executable? (disregarding the extra layer of sandboxing done in the browser itself)