Most commercial antivirus and anti-malware products have sandbox features to prevent malware from spreading. Microsoft took its time before deciding to redesign Defender to include one.
Software and apps come from anywhere in the world, and new websites, hacks, and attacks appear daily. It makes sense to implement sandboxing now because they are aware that privilege escalation would be possible with the current software design. It may or may not be exploited if attackers find their way into it, although they say that would be extremely difficult to do. Sandboxing prevents malicious code from spreading, and it is highly difficult for ordinary software to get out of a sandbox, especially on the newer Windows 10 releases.
This may not be a huge thing for ordinary users, but implementing a sandbox is an extremely important precautionary measure. Once code runs in a sandbox, it needs additional access rights before it can reach the main system and make changes to the actual operating system. During this process, however, performance slows down because of the interaction between the OS and the sandbox that keeps everything contained. This containment would guarantee the sandbox's effectiveness if its implementation is secure.
I/O utilization cost should be considered, particularly on older hardware. They should be smarter about how bits of data from a potentially infected file are treated once found, rather than doing a complete scan of the entire system. This is a major challenge they need to tackle, and it should not impede the computer's overall performance.
Imagine a large archived file being drastically slowed down by Defender. Sandboxing would consume another large chunk of processing power, which would make it worse. Even though this procedure makes your computer safer, there would still be some sort of performance impact.
If your computer is running the latest preview build of Windows 10, it should include the initial version of the sandbox-enabled Windows Defender.
For now, tons of beta testing should be done to guarantee that the software redesign for Windows Defender is working properly. With the recent failed releases for Windows, I would suggest waiting a bit until the kinks and quirks have been sorted out before getting the latest Windows version release.
Microsoft expects that the Windows 10 version 1809 zip file issues will be fixed early this coming November.