Ironically, even though the recommended use for this in the opening paragraph is to combat malware, I think that will be the one thing this feature is no good at. Doesn’t even moderately sophisticated malware these days try to detect if it’s in a sandbox environment? A fresh-out-of-the-box Windows install must be a giant red flag for that.<p>But I’m not complaining, because I can think of many other awesome uses for this. It’s great to both have such a useful feature and see that the Windows kernel team is still pressing ahead with new technology.