[red_phone]

There is a built-in feature, known as Application Guard, on Windows 10/11 that gives you exactly this out of the box, with minimal configuration. Biggest downside is that it only works with Edge.

[cglong]

There's also Windows Sandbox right? An ephemeral VM that gets deleted as soon as it's closed.

[my123]

But you can only have one Windows Sandbox running at once...

[easton]

This seems to be an artifical limitation in Windows Sandbox, as WSL2 and Edge Application Guard both use separate VMs and you can run them all at once.

"Krypton" is the name of the isolated microVMs in Hyper-V, but they don't really document it at all.

[walterbell]

Does MS App Guard Edge isolate each browser tab and HTTP connection in a separate copy-on-write VM, like HP/Bromium SureClick?