Windows Sandbox is a new lightweight desktop environment tailored for safely running applications in isolation.
How many times have you downloaded an executable file, but were afraid to run it?...
Updated Dec 12, 2022
Version 11.0
Blog Post
Touffman There are approaches to securely share memory. For example, on the same machine applications share mapped executable pages of DLLs, this has been working maybe from inception of Windows (NT?). Pages can be protected from writing or can be configured to "copy-on-write". Now, DLL injection is a way to load a DLL in some process. If the process is inside the sandbox VM, how injecting a DLL in that process can affect the host? The goal of DLL injection is usually to install some hooks in a process to intercept code execution paths, and installing hooks means changing some process state, including user mode and kernel mode structures (via OS API). And that state is obviously not what makes sense to share between host and guest.
I think it must be a super critical security hole in memory protection management to make this memory sharing dangerous. And because Sandbox is not a VM which would run tons of requests, I doubt there will be big effort to hack it.