New Update Sandboxie-Plus 1.13.0 + 1.13.1 (Experimental) + 1.13.2

[bjm_]

​

This is an experimental build it reworks and streamlines the hooking mechanism around SCM related functions which should improve compatibility with newer windows versions. The improved hooking mechanism allows for API call tracing without the need for LogAPI.dll.
This build adds compatibility with windows 11 insider build 26040, 26052 and later, and changes the way the driver handles offset dependent kernel object modifications, the new mechanism allows an offset configuration to be loaded from the registry such that it is possible to update the offsets without rebuilding the driver.
To improve system stability Sandboxie will no longer try to use old known offsets on newer yet not known kernel builds, except when the pc participates in the windows insider program, instead it will disable the token based security isolation and issue SBIE1207 indicating the insecure fallback mode of operation.

Download: Release v1.13.0 / 5.68.0 · sandboxie-plus/Sandboxie

Added

• added advanced API trace functionality

Changed

• reworked scm hooking to improve windows 10 compatybility
• reworked offset dependant handling of undocumented windows kernel objects
  • the required offsets can be now updated independantly from the driver
  • the DynData blob is digitally signed, when in testsigning mode the signature is howeever ignored
  • when sandboxie encounters a yet unsupported kernel build, token based isoaltion is disabled to prevent system instability
  • this safety mechanism is disabled on systems participating in the windows insider program
  • for systems in the insider program the latest known ofsets are tried
• reworked part of the low level code injection mechanism to add compatybility with windows insider build 26040 and later
• enabled CET Shadow Stack Compatible Flag for core sandboxie binaries

Removed

• cleaned up code and removed obsolete VC 6.0 workarounds

Fixed

• fixed incompatybility with windows insider build 26040 and later

https://www.wilderssecurity.com/threads/sandboxie-plus-1-13-0-experimental.453506/

 

[simmerskool]

installed 1.13.0 over sbie+ 1.12.9 on win10. not seeing any problems or issues.
sha256= 20E77D5FC12CAB03719388EB3A07834F73D778A39355DE1150099836080A1727

 

[bjm_]

New experimental build is ready, please test it thoroughly, if no critical issues appear, I'll push it to the updater tomorrow evening.

Download: Release v1.13.1 / 5.68.1 · sandboxie-plus/Sandboxie

https://www.wilderssecurity.com/threads/sandboxie-plus-1-13-1-experimental.453625/

 

[simmerskool]

https://www.wilderssecurity.com/threads/sandboxie-plus-1-13-1-experimental.453625/

thanks for the link for 1.13.1 experimental -- I always have a hard time finding that link.
1.13.1 = 3C70690D838199FA858A2875B489BA1C75FCF4180A56BCB4D8F12B076AAED261
scans ok at VT

Question: my sbie+ (paid) is set to stable channel but I'm getting its systray icon yellow flag that 1.13.1 experimental is available. I looked at ini and did not see it in there. &

Downloads | Sandboxie-Plus

still lists 1.12.9? What's the relationship between this webpage and github. Asking because I readthat some places on github are compromised with malware recently... see eg

MSN

 

[bjm_]

What's the relationship between this webpage and github.

fwiw ~ my understanding is that the downloads page is updated days/weeks after a version is posted on GitHub.
Meaning, only known stable builds are published on the downloads page.
-

Also for improved reliability you can check the downloads on the project homepage: Downloads | Sandboxie-Plus where only known good builds are posted about a week or two after the github release.

https://github.com/sandboxie-plus/Sandboxie/discussions/1751#discussioncomment-2519032
-
fwiw ~ my 1.12.9 reports

```````````````````````````````````````````````````````````````````````````````````````````

DavidXanatos, Nov 6, 2022
The (probably) over next build 1.6.x will have a new optional live updater.

https://www.wilderssecurity.com/threads/sandboxie-roadmap.445545/page-6#post-3114621

DavidXanatos, Nov 26, 2022
This build fixes a few issues and introduces a new update mechanism which allows to update individual files.
On the "Support Tab" in the "Global Options" the user can choose from 2 release channels
Stable - GitHub Releases
Preview - GitHub Pre-Releases
There the user can also select how to behave when a "New Version" (where an installer is available) or a "Version Update" (where only individual files of the existing installation will be updated) is found.

The Stable channel's "Version Updates" normally only contain new Templates.ini (Compatibility) and Translations.7z, binary updates will be only distributed when a critical security fix has been implemented.

The Preview channel's "Version Updates" contain frequent binary updates allowing allowing to test the latest changes before they made their way to a GitHub (Pre-)Release.

The Installers will offer the ability to download the latest Templates.ini and Translations when installing.

https://www.wilderssecurity.com/threads/sandboxie-plus-v1-6-1.449120/

 

[bjm_]

DavidXanatos, Dec 4, 2022
The plan is roughly this:
A new Pre-Release Version is prepared (with new features), v1.x.0 this is uploaded to GitHub,
then as further improvements are added they are released as "Version Updates": v1.x.0a, v1.x.0b, v1.x.0c, etc.... using the live updater.
Intermittently a new Pre-Release may be uploaded to GitHub, v1.x.1 but only when also a new driver needed signing
And may be a few more live releases: v1.x.1a, v1.x.1b
Once a version is ready for a final release the version number is increased once more v1.x.2 and a final GitHub release is published.

The goal here is to get new version tested quickly before going through the procedure of signing everything, and to assure a better update quality on the final GitHub releases.

https://www.wilderssecurity.com/threads/sandboxie-plus-v1-6-1.449120/#post-3119505

 

[simmerskool]

thanks for the comprehensive feedback. I found it annoying earlier today to have systray icon was flashing a yellow flag because 1.13.1 (experimental) was available. Otherwise I have had zero complaints / zero problems with sbie+. Although, I have not been able to get it to update from "check for updates" when it asks do you want to download newer version. I'll visit wilders and read thru sbie+ thread(s).

 

[bjm_]

I found it annoying earlier today to have systray icon was flashing a yellow flag because 1.13.1 (experimental) was available.

supposedly clicking cancel is supposed to clear flashing

 

[simmerskool]

supposedly clicking cancel is supposed to clear flashing

thanks, I'm sure I clicked this and clacked that, and icon continued flashing but stopped now that 1.13.1 is installed. Still like sbie+ a lot. enjoy using it.

 

[bjm_]

Next text build: 1.13.2

Download: Release v1.13.2 / 5.68.2 · sandboxie-plus/Sandboxie
Added

• added menu entry to restart SandMan as admin #3581 (thanks Yeyixiao)
• added option to block taking screen capture/screenshot of sandboxed processes (thanks Yeyixiao)
  • it can be enabled with "IsProtectScreen=y"
  • see the sandbox option "Prevents getting an image of the window in the sandbox" in SandMan UI
• added option to prevent sandboxed processes from interfering with power operations #3640 (thanks Yeyixiao)
  • it can be enabled with "BlockInterferePower=y"
  • see the sandbox option "Prevents processes in the sandbox from interfering with power operations" in SandMan UI
• added new pattern mechanism using a ** as a placeholder to indicate an arbitrary path element not containing a \ 1ff2867

Changed

• reworked option for suspending all processes in SandMan (introduced in 1.13.1) #3582

Fixed

• fixed privacy mode, NormalFilePath and symbolic link issue #3660
• fixed access to Recycle Bin in an Application Compartment sandbox with data protection #3665

https://www.wilderssecurity.com/threads/sandboxie-plus-1-13-1-1-13-2-experimental.453625/#post-3186816