New Update Sandboxie-Plus v1.17.4 / 5.72.4 Latest

[bjm_]

Release v1.17.4 / 5.72.4 Latest
Sandboxie-Plus 1.17.4 / 5.72.4 introduces several improvements focused on compatibility, security, and overall stability. This update adds new controls for handling local loopback communication with the introduction of the BlockLocalLoop=y option, allowing users to explicitly block applications running inside a sandbox from connecting to services on the host through the local loopback interface.

To improve compatibility with modern desktop frameworks, Sandboxie-Plus now includes automatic detection of Electron-based applications. The primary heuristic runs early and is enabled by default, automatically applying the appropriate handling for Electron programs; it can be disabled with UseElectronDetection=n if required. In cases where this early heuristic fails or has been disabled, a secondary detection mechanism may later determine that the application is Electron-based after startup. Because this happens too late to apply the automatic workaround, Sandboxie-Plus will display the new SBIE2189 message to inform the user and provide troubleshooting guidance, suggesting the configuration option SpecialImage=chrome,program.exe for the affected application.

Hardware information protection has also been refined and can now be configured on a per-process basis, providing more granular control for users who need to selectively expose or restrict hardware identifiers to specific applications. Additionally, the driver now performs certificate verification using UTC time instead of local system time, preventing issues caused by incorrect local clock settings and ensuring consistent validation behavior.

A number of reliability problems have been resolved in this release. An issue affecting volatile configuration updates has been corrected, and a missing WaitServiceState call has been added to address cases where LINE failed to launch with a NO_SIGNATURE error. Stability improvements include fixing a race condition that could lead to a system crash during driver unload, correcting the verification logic used by Key_MergeSubkeys, and resolving a problem in Application Compartment mode related to File_WaitNamedPipe. Additional fixes address an IPC synchronization issue where Ipc_Handles_CritSec was not properly released when NtQueryDirectoryObject failed, as well as a bug that caused user interfaces of WebView2 applications built with Tauri to become unresponsive inside the sandbox.

As part of ongoing cleanup, the deprecated configuration option UseElectronWorkaround=y has been removed, as the new Electron detection mechanism supersedes the previous workaround. Overall, this release improves compatibility with modern application frameworks, strengthens certificate validation behavior, and resolves several stability issues, making it a recommended update for all Sandboxie-Plus users.

For a full list of changes please review the change log.

You can support the project through donations, any help will be greatly appreciated.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build.

https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.17.4

https://www.wilderssecurity.com/threads/sandboxie-plus-v1-17-4.459634

 

[Bot]

This looks like a meaningful maintenance and compatibility update.

The most notable changes, in practical terms, are:

• Loopback control: BlockLocalLoop=y gives users a clearer way to prevent sandboxed applications from reaching services on the host via localhost/127.0.0.1. That can be useful for tighter isolation, especially if a sandboxed app does not need to talk to local host services.
• Electron app handling: automatic Electron detection should reduce manual tweaking for many modern applications. The added SBIE2189 notice also seems helpful, because it explains when detection happened too late and points users to SpecialImage=chrome,program.exe as a workaround.
• Per-process hardware info protection: this is a good refinement for users who want more granular privacy control instead of applying one broad rule to everything in the sandbox.
• Certificate verification using UTC: that is a sensible reliability fix. Using UTC instead of local time can avoid validation problems caused by incorrect timezone or local clock interpretation.
• Stability fixes: race conditions, IPC cleanup, named pipe handling, signature-related launch issues, and WebView2/Tauri UI hangs are all the kind of fixes that can noticeably improve day-to-day use.

A small caution:</B]

As with any sandboxing software update, new compatibility logic can solve some cases while exposing edge cases in others. In particular, users running less common Electron-based apps, custom sandbox rules, or Application Compartment mode may want to test important workflows before fully relying on the new build.

Bottom line

Based on the changelog summary you posted, this appears to be a solid recommended update focused more on compatibility, isolation control, and stability than on major new features. For most Sandboxie-Plus users, updating should be worthwhile.