New Update Sandboxie-Plus 1.14.3, 1.14.4, 1.14.5, 1.14.6

bjm_

Level 14
Thread author
Verified
Top Poster
Well-known
May 17, 2015
696
In the 1.14.x release line, several significant updates and fixes have been introduced to enhance the functionality and performance of sandboxed processes. These enhancements are aimed at providing users with a more robust and versatile experience, ensuring smoother and more secure operations.

One of the major updates is the introduction of the ability to force sandboxed processes to use a predefined SOCKS5 proxy. This feature allows for more controlled and secure network interactions. Additionally, the capability to intercept DNS queries for logging or redirection has been added, providing administrators with greater oversight and flexibility in managing network traffic. Notably, support for SOCKS5 proxy authentication based on RFC1928 has been incorporated, thanks to Deezzir's contributions, who also developed a Test Dialog UI for the SOCKS5 proxy. It is important to note that utilizing the Proxy and DNS features requires an advanced type certificate.

The release also introduces a new command line option, /fcp /force_children, to the start.exe utility. This option enables the initiation of a program outside the sandbox while ensuring that all its child processes are sandboxed, enhancing security without compromising flexibility. Additionally, a new feature allows for the limitation of memory usage and the number of processes within a single sandbox through job objects. This was made possible by Yeyixiao's contribution and can be configured using "TotalMemoryLimit" for overall sandbox memory limits and "ProcessMemoryLimit" for individual process limits.

Further improvements include the addition of a new "Sandboxie\All Sandboxes" SID to the token creation process, which fundamentally alters the token creation mechanism. This feature can be activated with the "SandboxieAllGroup=y" setting. Users can now also configure the "EditAdminOnly=y" setting on a per-box basis, providing more granular control over administrative permissions. Additionally, a new UI option allows users to start unsandboxed processes while forcing child processes into a sandbox, and the "AlertBeforeStart" option prompts a warning before launching a new program into the sandbox if the initiating program is not a Sandboxie component.

Moreover, the update introduces a mechanism to block unsafe calls via RPC Port message filtering and a template to prevent sandboxed processes from accessing system information through WMI. A new "Job Object" Options page has been added, consolidating all job object-related options for easier management. Several critical fixes have been implemented, including resolving Chrome printing problems and various bugs affecting sandbox properties and program launching. Compatibility with Steam running sandboxed has also been improved.

Compatibility with Windows build 26217 has been validated, and dynamic data has been updated accordingly. Finally, an issue with an early batch of Large Supporter certificates has been resolved, ensuring smoother operation and fewer disruptions. These updates collectively enhance the security, performance, and usability of sandboxed processes, providing users with a more reliable and efficient environment.

Download: Release v1.14.3 / 5.69.3 · sandboxie-plus/Sandboxie

This build is considered final, it will be distributed instantly in the preview update channel, when no issues materialize it will be published in the stable channel in a few days and on the website.
https://www.wilderssecurity.com/threads/sandboxie-plus-1-14-3.454463/
 

Bot

AI-powered Bot
Apr 21, 2016
4,071
The 1.14.x release line of Sandboxie-Plus has introduced several significant updates and fixes, aimed at enhancing the functionality and performance of sandboxed processes. Key updates include the ability to force sandboxed processes to use a predefined SOCKS5 proxy, the capability to intercept DNS queries, and a new command line option for the start.exe utility. Other improvements include the addition of a new "Sandboxie\All Sandboxes" SID to the token creation process, a mechanism to block unsafe calls via RPC Port message filtering, and improved compatibility with Steam and Windows build 26217. The update is available for download and will be distributed in the stable channel in a few days.
 
  • Like
Reactions: [correlate]

simmerskool

Level 34
Verified
Top Poster
Well-known
Apr 16, 2017
2,311
sbie+ 1.14.3 running good here. @Bot I have an obscure question. Hypothetical, assume I have sbie sandbox dedicated for logging into MT with firefox, AND my antivirus is G Data. Normally G Data automatically detects firefox with the option to install its Webprotection extension (add-on) BUT the firefox running in the sbie sandbox does not have that extension installed & G Data is NOT "seeing" this sandboxed firefox so does not offer to install it. It appears this G Data extension is only available to download from G Data thru its av app. Any idea how to force the extension into this sandboxed firefox? Where or how can I download & install this extension from inside sbie+? (hope I explained this correctly & clearly)
 
  • Like
Reactions: [correlate]

bjm_

Level 14
Thread author
Verified
Top Poster
Well-known
May 17, 2015
696

bjm_

Level 14
Thread author
Verified
Top Poster
Well-known
May 17, 2015
696

Sandboxie-Plus 1.14.5

This build fixes various bugs and adds some minor improvements.

Download: Release v1.14.5 / 5.69.5 · sandboxie-plus/Sandboxie

Added
  • added hwid display
  • added Language Spoof "CustomLCID=1033" #4024 (thanks Yeyixiao)
  • added option to always run the sandman UI as admin #4090
  • added Proxy exclusion #4036
  • added "ForceChildren=Program.exe" #4070
  • added UI options for "ForceRestartAll" and "UseCreateToken" in OptionWindow
  • added an optional context menu option to make folder/file forced quickly
    • Note: You can also use "Sandman.exe /add_force program_path" to do it
Fixed
  • fixed two supporter certificate popping up every time a Sandboxes' settings are opened #4074
  • fixed issue with HwID-bound serial keys failing when no HwID could be obtained
  • fixed issue with "UseChangeSpeed=y"
  • fixed broken "HideFirmwareInfo=y" implementation.
    • changed reg path to key "HKCU\System\SbieCustom", value: "SMBiosTable"
    • added UI options
  • fixed schannel error SEC_E_SECPKG_NOT_FOUND in encrypted sandboxes #4081
  • fixed The name of the sandbox is too long, causing an error in sbie2327 #4064
  • fixed Job objects cannot be assigned memory limits greater than 4 GB #4096
Changed
  • the certificate format can now take an explicit validity days specification, needed for gapless certificate renewal
https://www.wilderssecurity.com/threads/sandboxie-plus-1-14-5.454587
 
Last edited:

bjm_

Level 14
Thread author
Verified
Top Poster
Well-known
May 17, 2015
696
This build fixes various bugs and adds some minor improvements.

Download: Release v1.14.6 / 5.69.6 · sandboxie-plus/Sandboxie

[1.14.6 / 5.69.6] - 2024-07-30

Added

  • added alias for a sandbox #4112
Fixed
  • fixed issue with Windows 7 caused by the new CustomLCID option #4117
  • fixed Settings Window issue with non-advanced certificates introduced in 1.14.0
  • fixed issue with API_PROCESS_EXEMPTION_CONTROL
https://www.wilderssecurity.com/threads/sandboxie-plus-1-14-5-1-14-6.454587/#post-3203465
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top