Windows 11 gets isolation support to run Win32 apps

Windows 11 enhances system security with isolation for Win32 applications, and developers can get start implementing the feature right now.

OneDrive new UI 2023
OneDrive new UI 2023 / Image: Microsoft
  • Windows 11 can now run legacy Win32 apps isolated from the main system.
  • This new sandbox approach will help to improve security.
  • The technology is now available in preview for developers to implement on their apps.

Windows 11 now has isolation support for legacy Win32 applications for consumers and business users. According to the company, developers can now ship their applications using a sandbox container to isolate them from the rest of the operating system to protect the system from malware and other threats, thus improving security.

The new approach will help to prevent programs from having unexpected or unauthorized access to critical internal subsystems, minimizing the damage to setup if an app is compromised. In other words, this new technology will make it more difficult for attackers and malicious code to exploit vulnerabilities and spread out to other applications or components of the operating system.

The new technology is now available as a preview, but it’s not a feature you can enable on Windows 11. Instead, it’s a security feature based on the AppContainers foundation that developers must implement on their apps. Microsoft is dedicating a page on GitHub with the resources and instructions for developers to get started isolating their applications.

Although this is a new feature, it’s not the first time the company has attempted to containerize applications to improve security. Sandbox is a feature part of the Pro, Enterprise, and Education editions that creates an isolated Windows desktop environment that allows users to run untrusted applications or browse web pages that may be malicious.

Furthermore, Microsoft Defender Application Guard is another solution that creates a virtualized environment that isolates an instance of Microsoft Edge to browse untrusted websites without affecting the main setup.

About the author

Mauro Huculak is a Windows How-To Expert who started Pureinfotech in 2010 as an independent online publication. He has also been a Windows Central contributor for nearly a decade. Mauro has over 14 years of experience writing comprehensive guides and creating professional videos about Windows and software, including Android and Linux. Before becoming a technology writer, he was an IT administrator for seven years. In total, Mauro has over 20 years of combined experience in technology. Throughout his career, he achieved different professional certifications from Microsoft (MSCA), Cisco (CCNP), VMware (VCP), and CompTIA (A+ and Network+), and he has been recognized as a Microsoft MVP for many years. You can follow him on X (Twitter), YouTube, LinkedIn and About.me.