Since the initial announcement of Windows Sandbox, we have received overwhelmingly positive feedback. Thank you for your support! We are glad that this feature resonates with the Windows community.

One of the most requested features from our customers is the ability to automatically launch an app or script in the sandbox. Coincidentally, this also aligned with our feature roadmap and is now available in Windows Insider builds.

Windows Sandbox now has support for simple configuration files (.wsb file extension), which provide minimal scripting support. You can use this feature in the latest Windows Insider build 18342.

As always, we rely on your feedback to build features allowing our users to achieve more.

NOTE: Please note that this functionality is still in development and subject to change.


Sandbox configuration files are formatted as XML, and are associated with Windows Sandbox via the .wsb file extension. A configuration file allows the user to control the following aspects of Windows Sandbox:

  1. vGPU (virtualized GPU)
    • Enable or Disable the virtualized GPU. If vGPU is disabled, Sandbox will use WARP (software rasterizer).

  2. Networking
    • Enable or Disable network access to the Sandbox.

  3. Shared folders
    • Share folders from the host with read or write permissions. Note that exposing host directories may allow malicious software to affect your system or steal data.

  4. Startup script
    • Logon action for the sandbox.

As demonstrated in the examples below, configuration files can be used to granularly control Windows Sandbox for enhanced isolation.

Double click a config file to open it in Windows Sandbox, or invoke it via the command line as shown:

C:\Temp> MyConfigFile.wsb

Keywords, values and limits

Enables or disables GPU sharing.


Supported values:

  • Disable – disables vGPU support in the sandbox. If this value is set Windows Sandbox will use software rendering, which can be slower than virtualized GPU.
  • Default – this is the default value for vGPU support; currently this means vGPU is enabled.

Note: Enabling virtualized GPU can potentially increase the attack surface of the sandbox.

Enables or disables networking in the sandbox. Disabling network access can be used to decrease the attack surface exposed by the Sandbox.


Supported values:

  • Disable – disables networking in the sandbox.
  • Default – this is the default value for networking support. This enables networking by creating a virtual switch on the host, and connects the sandbox to it via a virtual NIC.

Note: Enabling networking can expose untrusted applications to your internal network.

Wraps a list of MappedFolder objects.

list of MappedFolder objects

Note: Files and folders mapped in from the host can be compromised by apps in the Sandbox or potentially affect the host.

Specifies a single folder on the host machine which will be shared on the container desktop. Apps in the Sandbox are run under the user account “WDAGUtilityAccount”. Hence, all folders are mapped under the following path: C:\Users\WDAGUtilityAccount\Desktop.

E.g. “C:\Test” will be mapped as “C:\users\WDAGUtilityAccount\Desktop\Test”.

<HostFolder>path to the host folder</HostFolder>

HostFolder: Specifies the folder on the host machine to share to the sandbox. Note that the folder must already exist the host or the container will fail to start if the folder is not found.

ReadOnly: If true, enforces read-only access to the shared folder from within the container. Supported values: true/false.

Note: Files and folders mapped in from the host can be compromised by apps in the Sandbox or potentially affect the host.

Specifies a single Command which will be invoked automatically after the container logs on.

<Command>command to be invoked</Command>

Command: A path to an executable or script inside of the container that will be executed after login.

Note: Although very simple commands will work (launching an executable or script), more complicated scenarios involving multiple steps should be placed into a script file. This script file may be mapped into the container via a shared folder, and then executed via the LogonCommand directive.

Example 1:
The following config file can be used to easily test downloaded files inside of the sandbox. To achieve this, the script disables networking and vGPU, and restricts the shared downloads folder to read-only access in the container. For convenience, the logon command opens the downloads folder inside of the container when it is started.


<Command>explorer.exe C:\users\WDAGUtilityAccount\Desktop\Downloads</Command>

Example 2

The following config file installs Visual Studio Code in the container, which requires a slightly more complicated LogonCommand setup.

Two folders are mapped into the container; the first (SandboxScripts) contains VSCodeInstall.cmd, which will install and run VSCode. The second folder (CodingProjects) is assumed to contain project files that the developer wants to modify using VSCode.

With the VSCode installer script already mapped into the container, the LogonCommand can reference it.


REM Download VSCode
curl -L "" --output C:\users\WDAGUtilityAccount\Desktop\vscode.exe
REM Install and run VSCode
C:\users\WDAGUtilityAccount\Desktop\vscode.exe /verysilent /suppressmsgboxes


We look forward to your feedback.

Margarit Chenchev, Erick Smith, Paul Bozzay, Deepti Bhardwaj & Hari Pulapaka
(Windows Sandbox team)

Source: Windows Sandbox - Config Files - Microsoft Tech Community - 354902