How to enable Windows Defender Antivirus in a sandbox on Windows 10

Windows Defender Antivirus can now run in a more secure sandbox environment, and you can start using the feature now. Here's how.

Windows Defender Antivirus sandbox
Windows Defender Antivirus sandbox

Windows 10’s inbox anti-malware solution, Windows Defender Antivirus, now can run in a sandbox environment making it the first security software of its kind capable of running isolated from the rest of the operating system.

According to Microsoft, the process to enable Windows Defender Antivirus in a sandbox was difficult, but it was a necessary step to help in the unlikely event of a malware attacking the antivirus to limit the attack to the sandbox, protecting the rest of the system and your data.

The company plans to start enabling the sandbox feature for its antivirus by default in future releases of Windows 10, but you can force the new security feature now using a simple command.

In this guide, you’ll learn the steps to start running Windows Defender Antivirus in a sandbox environment on Windows 10 version 1809 and earlier versions back to version 1703.

How to enable sandbox mode for Windows Defender Antivirus

If you want to run the Windows 10 default antivirus using the sandbox feature to keep activities isolated from the rest of the operating system, do the following:

  1. Open Start.

  2. Search for Command Prompt, right-click the top result, and select Run as administrator.

  3. Type the following command to enable sandbox for Windows Defender Antivirus and press Enter:


    Command to enable Defender sandbox environment
    Command to enable Defender sandbox environment
  4. Restart your computer.

Once you’ve completed the steps, Windows Defender Antivirus will start running in a more secure sandbox environment.

At any time, you can disable the sandbox mode for the antivirus using the same instructions, but on step No. 3, make sure to use this command instead: setx /M MP_FORCE_USE_SANDBOX 0

If you’re concern about the performance impact, Microsoft says that the it has designed the sandbox environment taking system resources in consideration, as such you shouldn’t see a significant degrade of system performance when enabling the feature.

About the author

Mauro Huculak is a Windows How-To Expert who started Pureinfotech in 2010 as an independent online publication. He has also been a Windows Central contributor for nearly a decade. Mauro has over 14 years of experience writing comprehensive guides and creating professional videos about Windows and software, including Android and Linux. Before becoming a technology writer, he was an IT administrator for seven years. In total, Mauro has over 20 years of combined experience in technology. Throughout his career, he achieved different professional certifications from Microsoft (MSCA), Cisco (CCNP), VMware (VCP), and CompTIA (A+ and Network+), and he has been recognized as a Microsoft MVP for many years. You can follow him on X (Twitter), YouTube, LinkedIn and Email him at [email protected].