the Windows

Microsoft has announced the public preview of Win32 Application Isolation, a new Windows 11 security feature designed for sandboxed 32-bit desktop applications.

Recently announced at Microsoft’s Build 2023 conference, Win32 Application Isolation uses Application container to enhance security by mitigating potential harm from compromised applications and protecting user privacy.

It also ensures that applications run with low privileges and implements the principle of least privilege to prevent unauthorized access to user information without first seeking consent.

“The Win32 application is launched as a low-integrity process using AppContainer, which is recognized as a security boundary by Microsoft,” said David Weston, Microsoft vice president for enterprise and operating system security. .

“Therefore, the process is limited to a specific set of Windows APIs by default and is unable to inject code into a process operating at a higher integrity level.”

If an application vulnerability is exploited, the AppContainer runtime ensures that the Win32 application remains limited to the resources granted within its boundaries.

This prevents malicious applications from taking over the entire system, providing an additional layer of defense and protecting the system against possible compromise attempts.

Application developers can update their Win32 applications by implementing isolation measures using tools made available by Microsoft.

This allows them to strengthen the overall security of their software and the devices it will run on by ensuring that it does not add to the attack surface of the system.

For comprehensive guidance and more details on isolating Win32 applications, developers can visit this GitHub page which provides valuable information on getting started and the tools needed to repackage MSIX applications to run in isolation.

“Win32 Application Isolation joins the family of existing Windows sandbox options, such as Windows Sandbox and Microsoft Defender Application Guard,” said David Weston, Microsoft vice president of enterprise and security security. Operating systems.

“While these options are based on virtualization-based security, Win32 Application Isolation is built on top of AppContainers (and more).

“AppContainers are specifically designed to encapsulate and restrict the execution of processes, helping to ensure that they operate with limited privileges, commonly referred to as low integrity levels.”


Source link