Windows may use virtualization-based security by default, but I'm not aware of macOS or Linux doing the same -- Apple builds security directly into the silicon such that no virtualization is required, and Linux just rawdogs everything.
Whether that counts is up to you. I suppose it's still "sandboxed" in that it runs in a less privileged context than the kernel.
Whether that counts is up to you. I suppose it's still "sandboxed" in that it runs in a less privileged context than the kernel.