Microsoft says WDAG may no longer launch due to a bug

May 15, 2019 12:29 GMT  ·  By

The most recent Windows 10 May 2019 Update, or version 1903, cumulative update comes with a bug that could break down Windows Defender Application Guard or Windows Sandbox.

Windows 10 cumulative update KB4497936 was published on the May 2019 Patch Tuesday to bring a series of security and non-security fixes to devices enrolled in the Windows Insider program.

Right now, users in the Slow and Release Preview rings are running testing builds of the May 2019 Update, and this cumulative update is supposed to further refine the performance ahead of the public launch. It also includes fixes for some of the known issues in the previous updates.

But at the same time, installing cumulative update KB4497936 on Insider devices could lead to users no longer able to run Windows Defender Application Guard and Windows Sandbox, as every attempt to launch them fails with error 0x800705b4.

Microsoft lists this problem as a known issue and says it’s already working on a fix, but specifics as to when it could go live for everyone aren’t yet available. The company, however, says an update will be included “in an upcoming release.”

Meanwhile, you can turn to a simple registry trick to resolve the error and launch Windows Defender Application Guard and Windows Sandbox properly. However, you need to log in with an administrator account, so on devices where only standard accounts are available, this won’t be possible.

The path where you need to create the new registry items

First of all, it’s important to keep in mind that this workaround involves creating new registry entries, so you should first create a registry backup to make sure you can restore your device should something go wrong.

Next, launch the Registry Editor by pressing Windows key + R and typing regedit.exe. Navigate to the following path in the Registry Editor:


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\CmService\Policy
Right-click the right pane and head over to New > D-WORD (32-bit) Value. You need to do this twice and call the newly-created items the following:
DisableClone
DisableSnapshot
Both new registry entries should be given the following value:
00000001
Once you’re done here, the next step is to close the Registry Editor and reboot the computer. After logging back to the desktop, you can try to launch either Windows Defender Application Guard or Windows Sandbox, and if all the aforementioned steps were completed correctly, the apps should now run properly on your device, even if this latest cumulative update is installed.

The launch of Windows 10 May 2019 Update is projected to kick off later this month, and some devices will get it earlier than others, as Microsoft is using a release in waves. This helps the company make sure that no widespread bug exist, and if they do, the rollout is halted before these issues make their way to a substantial number of devices.

But this imminent release of the May update also means that Microsoft has limited time to resolve this bug, as the company can’t afford to push the final build to production devices with such a major bug. Windows Sandbox, in fact, is one of the highlights of the May update, so not fixing it for everyone before the rollout starts could be a huge disappointment for many users.

At the same time, Windows Defender Application Guard is an essential security feature for many, so it’s critical for Microsoft to fix it in time for the public launch of the May update.

To check if Windows 10 cumulative update KB4497936 installed correctly on your device, click the Start menu and type winver. The OS build number with the update installed on the system is 18362.113.

Photo Gallery (2 Images)

The May update will launch later this month
The path where you need to create the new registry items
Open gallery