Petri Newsletter Sign-up
Tech Tuesday

Subscribe to Tech Tuesday, the latest insights from Petri.com for IT Pros.

    See All Petri Newsletters

    ‘InPrivate Desktop’ Coming to Windows 10 Enterprise

    Posted on by Russell Smith in Windows 10

    Earlier this month, BleepingComputer.com ran a report on a new security feature in Windows 10 that was exposed during a bug-bash quest in the Feedback Hub. The new feature is installed as an app from the Microsoft Store. But according to Lawrence Abrams, the app wasn’t available in the Store despite the instructions found in the Feedback Hub.

    The text of the quest read: “Microsoft is Developing a Sandboxed “InPrivate Desktop” for Windows 10 Enterprise. InPrivate Desktop (Preview) provides admins a way to launch a throwaway sandbox for secure, one-time execution of untrusted software. This is basically an in-box, speedy VM that is recycled when you close the app!”

    The prerequisites were listed as follows:

    • Windows 10 Enterprise
    • Builds 17718+
    • Branch: Any
    • Hypervisor capabilities enabled in BIOS
    • At least 4GB of RAM
    • At least 5GB free disk space
    • At least 2 CPU cores

    I tried to access a link provided in the text, referring to feature limitations, but it requires a Microsoft account associated with the Microsoft tenant. I suspect that this feature was only available for internal testing at the time of the bug bash.

    What is InPrivate Desktop for?

    While Windows 10 Enterprise users have the right to run one Windows 10 virtual machine, someone needs to set up the VM and potentially maintain it. But InPrivate Desktop looks to provide a readymade environment that users can spin up with no configuration and easily start from scratch each time InPrivate Desktop is launched. I don’t have any new technical details to share, but I think that InPrivate Desktop works like Windows Defender Application Guard (WDAG) and is based on container technology.

    WDAG provides Microsoft Edge users with a secure environment where the browser runs in a container that protects the underlying operating system if the browser session is exploited. WDAG was originally only available in the Enterprise SKU but Microsoft recently made it available to Windows 10 Professional users also. For more information on Windows Defender Application Guard, see Protect Users Against Malicious Websites Using Windows 10 Application Guard and Revisiting Application Guard in the Windows 10 April 2018 Update on Petri.

    If InPrivate Desktop turns out to work like WDAG, it will be a useful addition to the OS for organizations that want to remove administrative rights from users. One of the biggest issues with removing rights is that users can no longer install software that requires administrator privileges. InPrivate Desktop would give organizations more scope to remove administrative rights but still allow users some freedom to test new software or experiment with settings that aren’t available to standard users.

    Developers and system administrators might also find InPrivate Desktop useful when they need to spin up a test environment but don’t want to step through the Windows setup process. Although there’s no word yet if and when InPrivate Desktop will make it into Windows.

    Follow Russell on Twitter @smithrussell.

    BECOME A PETRI MEMBER:

    Don't have a login but want to join the conversation? Sign up for a Petri Account

    Register

    Register for this Petri Webinar!

    Want to Make Your Backup Storage Unlimited & Ready for the Cloud? – Free Thurrott Premium Account with Webinar Registration!

    Tuesday, August 27, 2019 @ 1:00 pm EDT

    A Scale-Out Backup storage infrastructure is a must-have technology for your backups. In this webinar, join expert Rick Vanover for a look on what real-world problems are solved by the Scale-Out Backup Repository.

    Register Now

    Sponsored By