Skip to main content

Microsoft Broke Windows Sandbox, Application Guard With a Recent Update

(Image credit: Microsoft)

Windows updates are supposed make the operating system more secure. But on May 24 a cumulative update to the Windows 10 May 2019 Update had the opposite effect by causing Windows Sandbox and Windows Defender Application Guard to fail to start for some users.

Microsoft announced Windows Sandbox in December 2018 as a new way for its Pro and Enterprise customers to isolate apps on their systems. That sandboxing can be critical to some people, whether it's because they knowingly work with risky software or because they're at higher risk of being attacked. But now the feature is here and it's throwing a "0x800705b4" error when people try to launch it.

Meanwhile, Windows Defender Application Guard is used by Microsoft's enterprise customers to make sure risky behavior from some of their employees can't lead to more serious problems. Its failure to launch could make those companies vulnerable to attack--or simply let people access websites their bosses don't want them visiting--until the problem is addressed. (We suspect visiting blocked sites is more likely.)

Microsoft acknowledged the issue in two support documents. The first document explained that affected users should be able to launch Windows Sandbox and Windows Defender Application Guard after they set new registry keys using a local admin account and then restarting the Host. The company also said that it's "working on a resolution and will provide an update in an upcoming release."

The second document claimed the issue only affected devices in which the operating system language is changed during the update process when installing Windows 10, version 1903." (Which is the Windows 10 May 2019 Update.) Microsoft reaffirmed that it's working on the issue and that it estimated a fix "will be available in late June." Until then, it appears the registry key workaround is the only solution available.

This is just the latest in a string of mishaps involving Windows updates. While some issues are to be expected when a major operating system update debuts, effectively breaking two security features is particularly troublesome. At this point the question has shifted from "will the next Windows update break something?" to "what is the next Windows update going to break?" That's not particularly comforting.