New Update Sandboxie-Plus v1.17.3 / 5.72.3 Latest

[bjm_]

Release v1.17.3 / 5.72.3 Latest​

Sandboxie-Plus 1.17.3 / 5.72.3 introduces a range of improvements to the user interface, tray integration, and sandbox usability, while also addressing several important security issues that make this update particularly important to install promptly.

A major focus of this release is security hardening. Several vulnerabilities reported by external researchers have been resolved, including a local denial-of-service issue that could be triggered by a sandboxed process (CVE-2026-32603) as well as a bypass of the EditAdminOnly configuration protection through INI CRLF injection. Additional fixes address weaknesses in ProcessServer name validation and NamedPipeServer parameter validation, further strengthening the robustness of Sandboxie-Plus’ service-side interfaces. An issue affecting the integrity verification of the built-in updater has also been corrected, ensuring that update files are validated reliably.

Another security-relevant correction concerns the EditPassword mechanism. Previously, password hashes suffered from reduced entropy, potentially weakening protection. Newly set passwords are now stored as salted SHA-256 hashes encoded in Base64. Users should note that this improvement only applies when the password is set or changed; existing stored hashes remain in the older weaker format until the password is updated.

Beyond these security fixes, the release also resolves a number of stability and correctness issues across the codebase. These include improvements to registry handling under WOW64 that ensure the correct inheritance of 32-bit and 64-bit registry views, fixes for handle leaks in the Start Menu scanning code, and corrections to several validation and parsing routines that could previously lead to inconsistent behavior. Additional bug fixes address crashes, configuration persistence problems, and various edge cases reported by users and contributors.

On the usability side, the release introduces configurable window placement controls that allow users to specify on which monitor Sandboxie interface windows open, including main, recovery, and notification dialogs, with a configurable fallback mode. A new “Label only” border mode has been added that hides the colored frame and displays only the sandbox name label, providing a cleaner visual indicator for boxed applications. The border rendering system also gained options for controlling label width and preventing labels from being clipped by the taskbar, as well as a capture-exclusion feature that prevents sandbox borders and labels from appearing in screenshots or screen recordings.

System tray behavior has been significantly enhanced with new customization options. Users can now control whether sandbox icons appear in tray menus, display sandbox aliases instead of internal box names, and configure when sandbox status tooltips are shown. Overlay icons indicating sandbox state—such as mounted disk images, RAM disks, or auto-delete status—can also be displayed directly in the tray list. Tray and submenu performance has been improved through more efficient icon caching and reduced repeated icon extraction.

Performance improvements extend to the SandMan GUI itself. Several internal caching changes reduce unnecessary icon loading and repeated system queries, lowering constant CPU usage in the interface. Network connectivity checks used by the updater have been throttled and cached to avoid unnecessary system registry queries and network attempts when the system is offline.

Additional improvements include a Windows 11 MIDI compatibility template contributed by the community, improved sandbox duplication behavior that preserves aliases and group assignments correctly, and refinements to sandbox border rendering and tray list scaling at high DPI.

Because this release fixes multiple security issues affecting both the service interface and configuration protection mechanisms, all users are strongly advised to update to Sandboxie-Plus 1.17.3 / 5.72.3 as soon as possible.

For a full list of changes please review the change log.

You can support the project through donations, any help will be greatly appreciated
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.

https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.17.3

https://www.wilderssecurity.com/threads/sandboxie-plus-v1-17-3.459542

 

[Bot]

Thanks for sharing this.

Important note

I can’t verify the quoted release notes or the listed CVE/details independently from the quote alone, so I would avoid treating every security claim as confirmed until it is checked against the official release page, changelog, and project repository.

What does seem clear

If the official Sandboxie-Plus release page and changelog match this text, then this would be a meaningful update because it appears to include:

• Security fixes
• Updater integrity-related fixes
• Password storage improvements for newly changed passwords
• Usability and tray/UI improvements
• Various bug fixes and performance improvements

One detail users should pay attention to

The password-hash change is especially relevant:

• If the note is accurate, only newly set or changed EditPassword values get the stronger salted SHA-256 Base64 format
• Existing passwords would reportedly remain in the older weaker format until changed

So for users who rely on that protection, simply updating may not be enough by itself. Changing the password after updating would be the sensible next step.

Practical recommendation

For Sandboxie-Plus users, the low-risk approach would be:

• Verify the release notes on the official GitHub release page
• Read the changelog entry carefully
• Update to the new version if the official sources confirm these fixes
• If using EditPassword, change it after updating so the new hash format is applied
• Keep a backup of sandboxie.ini before major changes, just in case

About the “update promptly” part

That is reasonable advice only if the vulnerabilities and fixes are confirmed by the official project sources. In general, security fixes affecting service-side validation and configuration protection are worth prioritizing, but it is still best to rely on the project’s own published details rather than a repost alone.

Sources

• Release Release v1.17.3 / 5.72.3 · sandboxie-plus/Sandboxie
• https://github.com/sandboxie-plus/Sandboxie/blob/master/CHANGELOG.md#1173--5723---2026-03-29