Microsoft is working on a ‘throwaway sandbox’ for one-time execution of untrusted software, which could end up as a feature of Windows 10 Enterprise at some point.
Microsoft looks to be adding yet another previously undisclosed new feature to Windows 10: A new security feature called “InPrivate Desktop.”
The InPrivate Desktop feature, which acts like a “throwaway sandbox for secure, one-time execution of untrusted software,” according to BleepingComputer.com, may be a Windows 10 Enterprise only feature. Bleeping Computer saw mention of a preview version of the feature in Microsoft’s Insider Feedback Hub as part of a bug-bash quest, according to their August 8 post on the topic.
The coming InPrivate Desktop feature may be codenamed “Madrid,” based on information from the quest, which also described the feature as “an in-box, speedy VM (virtual machine) that is recycled when you close the app.”
As I blogged recently, Microsoft also is working on a new multi-session remoting capability for Windows 10, which likely will take the form of a new Windows 10 SKU called “Windows 10 Enterprise for Remote Sessions,” based on information discovered during the testing of Windows 10 “Redstone” 5.
InPrivate Desktop sounds somewhat similar to Windows Defender Application Guard (WDAG). WDAG isolates potential malware and exploits downloaded via the browser and isolates and contains the threat. WDAG uses virtualization-based security, isolating potentially malicious code in containers so it can’t spread across company networks.
I asked Microsoft for comment on InPrivate Desktop and was told by a spokesperson the company had no comment. My guess is InPrivate Desktop may not make it into Windows 10 “Redstone” 5, which is expected to roll out to mainstream users as of October 2018 or so. It might end up being part of the next feature release for Windows 10, codenamed “19H1.”