Enable Download to Host from Windows Defender Application Guard Microsoft Edge session in Windows 10
Microsoft Edge is a new web browser that is available across the Windows 10 device family. It is designed for Windows 10 to be faster, safer, and compatible with the modern Web.
Microsoft Edge running in Application Guard provides the maximum level of protection from malware and zero day attacks against Windows. Windows Defender Application Guard for Microsoft Edge is a lightweight virtual machine that helps isolate potentially malicious website activity from reaching your operating systems, apps, and data.
There is no persistence of any cookies or local storage when an Application Guard window is closed in Microsoft Edge.
Three core features of Windows Defender Application Guard:
- Isolated Browsing - Windows Defender Application Guard uses the latest virtualization technology to help protect your operating system by creating an isolated environment for your Microsoft Edge session.
- Help Safeguard your PC - Windows Defender Application Guard starts up every time you visit a non-work-related site to help keep potentially malicious attacks away from your PC.
- Malware Removal - Any websites you visit, files you download, or settings you change while in this isolated environment are deleted when you sign out of Windows, wiping out any potential malware.
Starting with Windows 10 build 17120, the Windows Defender Application Guard (WDAG) Team has introduced new improvements for users to have a better experience. One of the items users voiced in the Feedback Hub was an inability to “download files from within WDAG” to the host. This created an inconsistent experience for Edge overall as downloaded files were stuck inside the container. In build 17120, users can now turn on a feature to download files from their WDAG Microsoft Edge browsing session onto the host file system.
After this policy (feature) is enabled, users can download files from their Windows Defender Application Guard Microsoft Edge session to their Downloads folder and open all files on the host. The files from Application Guard will be saved in a folder called Untrusted Files nested inside the Downloads folder. This folder is created automatically when the user first downloads a file from Application Guard after enabling the policy.
Notes:
- This feature is off by default.
- Users will need to assess the files they downloaded and assume any risks of opening on the host.
Requirements:
This tutorial will show you how to enable or disable the ability to download files from within a Windows Defender Application Guard Microsoft Edge session to the host for all users in Windows 10 Pro and Windows 10 Enterprise.
You must be signed in as an administrator to enable or disable the ability to download files from within a Windows Defender Application Guard Microsoft Edge session to the host operating system.
CONTENTS:
- Option One: Enable or Disable Download to Host from WDAG Microsoft Edge session in Local Group Policy Editor
- Option Two: Enable or Disable Download to Host from WDAG Microsoft Edge session using a REG file
EXAMPLE: Download to host from Windows Defender Application Guard Microsoft Edge session enabled and disabled

OPTION ONE
Enable or Disable Download to Host from WDAG Microsoft Edge session in Local Group Policy Editor
1. Open the Local Group Policy Editor.
2. Navigate to the location below in the left pane of the Local Group Policy Editor.
Computer Configuration > Administrative Templates > Windows Components > Windows Defender Application Guard

3. In the right pane of Windows Defender Application Guard in Local Group Policy Editor, double click/tap on the Allow files to download and save to the host operating system from Windows Defender Application Guard policy to edit it.
4. Do step 5 (enable) or step 6 (disable) below for what you would like to do.
5. To Enable Download to Host from WDAG Microsoft Edge session
A) Select (dot) Enabled, click/tap on OK, and go to step 7 below.
6. To Disable Download to Host from WDAG Microsoft Edge session
A) Select (dot) Not Configured or Disabled, click/tap on OK, and go to step 7 below.
Not Configured is the default setting.

7. Close the Local Group Policy Editor.
8. Restart the computer to apply.
OPTION TWO
Enable or Disable Download to Host from WDAG Microsoft Edge session using a REG file
The downloadable .reg files below will add and modify the DWORD value in the registry key below.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\AppHVSI
SaveFilesToHost DWORD
(delete) = Disable
1 = Enable
1. Do step 2 (enable) or step 3 (disable) below for what you would like to do.
2. To Enable Download to Host from WDAG Microsoft Edge session
A) Click/tap on the Download button below to download the file below, and go to step 4 below.
Enable_SaveFilesToHost_in_Windows_Defender_Application_Guard_Edge_session.reg
3. To Disable Download to Host from WDAG Microsoft Edge session
This is the default setting.
A) Click/tap on the Download button below to download the file below, and go to step 4 below.
Disable_SaveFilesToHost_in_Windows_Defender_Application_Guard_Edge_session.reg
4. Save the .reg file to your desktop.
5. Double click/tap on the downloaded .reg file to merge it.
6. When prompted, click/tap on Run, Yes (UAC), Yes, and OK to approve the merge.
7. Restart the computer to apply.
8. If you like, you can now delete the downloaded .reg file.
That's it,
Shawn
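
As an added example (not part of the original tutorial, and not the contents of the downloadable .reg files), the PowerShell below reads, sets or deletes the same SaveFilesToHost value described in Option Two, and lists any files already saved to the Untrusted Files folder with their SHA-256 hashes so they can be reviewed before being opened on the host. The function names and the Downloads location under %USERPROFILE% are assumptions.

```powershell
# Added example; run from an elevated PowerShell session.
# Key and value name are the ones given in Option Two of the tutorial.
$KeyPath   = 'HKLM:\SOFTWARE\Policies\Microsoft\AppHVSI'
$ValueName = 'SaveFilesToHost'

function Get-WdagSaveFilesToHost {
    # Reports the current policy state: value absent = disabled, 1 = enabled.
    $item = Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'Disabled (value not present)' }
    if ($item.$ValueName -eq 1) { return 'Enabled' }
    return "Unexpected value: $($item.$ValueName)"
}

function Set-WdagSaveFilesToHost {
    param([Parameter(Mandatory)][bool]$Enable)
    if ($Enable) {
        # Create the policy key if needed, then write the DWORD as 1.
        if (-not (Test-Path -Path $KeyPath)) { New-Item -Path $KeyPath -Force | Out-Null }
        New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord -Value 1 -Force | Out-Null
    }
    elseif (Test-Path -Path $KeyPath) {
        # Disabling means deleting the value, as the tutorial states.
        Remove-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    }
    Get-WdagSaveFilesToHost
}

function Get-WdagUntrustedFile {
    # Assumption: Downloads sits in its default location under the user profile.
    param([string]$Downloads = (Join-Path $env:USERPROFILE 'Downloads'))
    $folder = Join-Path $Downloads 'Untrusted Files'
    if (-not (Test-Path -LiteralPath $folder)) { return }
    Get-ChildItem -LiteralPath $folder -File -Recurse | ForEach-Object {
        [pscustomobject]@{
            Name          = $_.Name
            Length        = $_.Length
            LastWriteTime = $_.LastWriteTime
            SHA256        = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
        }
    }
}

# Audit only: show the policy state and what has already crossed to the host.
Get-WdagSaveFilesToHost
Get-WdagUntrustedFile | Format-Table -AutoSize
```

Running `Set-WdagSaveFilesToHost -Enable $false` returns the policy to the default state; as with the .reg files, restart the computer to apply the change.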