New Update Sandboxie-Plus 1.13.0 + 1.13.1 (Experimental) + 1.13.2

bjm_

Level 15
Thread author
Verified
Top Poster
Well-known
May 17, 2015
705

This is an experimental build it reworks and streamlines the hooking mechanism around SCM related functions which should improve compatibility with newer windows versions. The improved hooking mechanism allows for API call tracing without the need for LogAPI.dll.
This build adds compatibility with windows 11 insider build 26040, 26052 and later, and changes the way the driver handles offset dependent kernel object modifications, the new mechanism allows an offset configuration to be loaded from the registry such that it is possible to update the offsets without rebuilding the driver.
To improve system stability Sandboxie will no longer try to use old known offsets on newer yet not known kernel builds, except when the pc participates in the windows insider program, instead it will disable the token based security isolation and issue SBIE1207 indicating the insecure fallback mode of operation.

Download: Release v1.13.0 / 5.68.0 · sandboxie-plus/Sandboxie

Added

  • added advanced API trace functionality
Changed
  • reworked scm hooking to improve windows 10 compatybility
  • reworked offset dependant handling of undocumented windows kernel objects
    • the required offsets can be now updated independantly from the driver
    • the DynData blob is digitally signed, when in testsigning mode the signature is howeever ignored
    • when sandboxie encounters a yet unsupported kernel build, token based isoaltion is disabled to prevent system instability
    • this safety mechanism is disabled on systems participating in the windows insider program
    • for systems in the insider program the latest known ofsets are tried
  • reworked part of the low level code injection mechanism to add compatybility with windows insider build 26040 and later
  • enabled CET Shadow Stack Compatible Flag for core sandboxie binaries
Removed
  • cleaned up code and removed obsolete VC 6.0 workarounds
Fixed
  • fixed incompatybility with windows insider build 26040 and later

https://www.wilderssecurity.com/threads/sandboxie-plus-1-13-0-experimental.453506/
 
Last edited:

simmerskool

Level 36
Verified
Top Poster
Well-known
Apr 16, 2017
2,574
installed 1.13.0 over sbie+ 1.12.9 on win10. not seeing any problems or issues.
sha256= 20E77D5FC12CAB03719388EB3A07834F73D778A39355DE1150099836080A1727
 
  • Like
Reactions: bjm_

simmerskool

Level 36
Verified
Top Poster
Well-known
Apr 16, 2017
2,574
https://www.wilderssecurity.com/threads/sandboxie-plus-1-13-1-experimental.453625/
thanks for the link for 1.13.1 experimental -- I always have a hard time finding that link.
1.13.1 = 3C70690D838199FA858A2875B489BA1C75FCF4180A56BCB4D8F12B076AAED261
scans ok at VT

Question: my sbie+ (paid) is set to stable channel but I'm getting its systray icon yellow flag that 1.13.1 experimental is available. I looked at ini and did not see it in there. &
still lists 1.12.9? What's the relationship between this webpage and github. Asking because I readthat some places on github are compromised with malware recently... see eg
 
  • Like
Reactions: Dave Russo and bjm_

bjm_

Level 15
Thread author
Verified
Top Poster
Well-known
May 17, 2015
705
What's the relationship between this webpage and github.
fwiw ~ my understanding is that the downloads page is updated days/weeks after a version is posted on GitHub.
Meaning, only known stable builds are published on the downloads page.
-
Also for improved reliability you can check the downloads on the project homepage: Downloads | Sandboxie-Plus where only known good builds are posted about a week or two after the github release.
https://github.com/sandboxie-plus/Sandboxie/discussions/1751#discussioncomment-2519032
-
fwiw ~ my 1.12.9 reports
png_18710.png
```````````````````````````````````````````````````````````````````````````````````````````
DavidXanatos, Nov 6, 2022
The (probably) over next build 1.6.x will have a new optional live updater.
https://www.wilderssecurity.com/threads/sandboxie-roadmap.445545/page-6#post-3114621
DavidXanatos, Nov 26, 2022
This build fixes a few issues and introduces a new update mechanism which allows to update individual files.
On the "Support Tab" in the "Global Options" the user can choose from 2 release channels
Stable - GitHub Releases
Preview - GitHub Pre-Releases
There the user can also select how to behave when a "New Version" (where an installer is available) or a "Version Update" (where only individual files of the existing installation will be updated) is found.

The Stable channel's "Version Updates" normally only contain new Templates.ini (Compatibility) and Translations.7z, binary updates will be only distributed when a critical security fix has been implemented.

The Preview channel's "Version Updates" contain frequent binary updates allowing allowing to test the latest changes before they made their way to a GitHub (Pre-)Release.

The Installers will offer the ability to download the latest Templates.ini and Translations when installing.
https://www.wilderssecurity.com/threads/sandboxie-plus-v1-6-1.449120/
 
Last edited:
  • Like
Reactions: Dave Russo

bjm_

Level 15
Thread author
Verified
Top Poster
Well-known
May 17, 2015
705
DavidXanatos, Dec 4, 2022
The plan is roughly this:
A new Pre-Release Version is prepared (with new features), v1.x.0 this is uploaded to GitHub,
then as further improvements are added they are released as "Version Updates": v1.x.0a, v1.x.0b, v1.x.0c, etc.... using the live updater.
Intermittently a new Pre-Release may be uploaded to GitHub, v1.x.1 but only when also a new driver needed signing
And may be a few more live releases: v1.x.1a, v1.x.1b
Once a version is ready for a final release the version number is increased once more v1.x.2 and a final GitHub release is published.

The goal here is to get new version tested quickly before going through the procedure of signing everything, and to assure a better update quality on the final GitHub releases.
https://www.wilderssecurity.com/threads/sandboxie-plus-v1-6-1.449120/#post-3119505
 
  • Like
Reactions: Dave Russo

simmerskool

Level 36
Verified
Top Poster
Well-known
Apr 16, 2017
2,574
thanks for the comprehensive feedback. I found it annoying earlier today to have systray icon was flashing a yellow flag because 1.13.1 (experimental) was available. Otherwise I have had zero complaints / zero problems with sbie+. Although, I have not been able to get it to update from "check for updates" when it asks do you want to download newer version. I'll visit wilders and read thru sbie+ thread(s).


1709520718497.png
 
  • Like
Reactions: Dave Russo and bjm_

bjm_

Level 15
Thread author
Verified
Top Poster
Well-known
May 17, 2015
705
Next text build: 1.13.2

Download: Release v1.13.2 / 5.68.2 · sandboxie-plus/Sandboxie
Added

  • added menu entry to restart SandMan as admin #3581 (thanks Yeyixiao)
  • added option to block taking screen capture/screenshot of sandboxed processes (thanks Yeyixiao)
    • it can be enabled with "IsProtectScreen=y"
    • see the sandbox option "Prevents getting an image of the window in the sandbox" in SandMan UI
  • added option to prevent sandboxed processes from interfering with power operations #3640 (thanks Yeyixiao)
    • it can be enabled with "BlockInterferePower=y"
    • see the sandbox option "Prevents processes in the sandbox from interfering with power operations" in SandMan UI
  • added new pattern mechanism using a ** as a placeholder to indicate an arbitrary path element not containing a \ 1ff2867
Changed
  • reworked option for suspending all processes in SandMan (introduced in 1.13.1) #3582
Fixed
  • fixed privacy mode, NormalFilePath and symbolic link issue #3660
  • fixed access to Recycle Bin in an Application Compartment sandbox with data protection #3665
https://www.wilderssecurity.com/threads/sandboxie-plus-1-13-1-1-13-2-experimental.453625/#post-3186816
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top