Sandboxie 1.0.4 Plus / 5.55.4 Classic Pre-release

Run programs in a sandbox to prevent malware from making permanent changes to your PC.

Sandboxie allows you to run your browser, or any other program, so that all changes that result from the usage are kept in a sandbox environment, which can then be deleted later.

Sandboxie is a sandbox-based isolation software for 32- and 64-bit Windows NT-based operating systems. It is being developed by David Xanatos since it became open source, before that it was developed by Sophos (which acquired it from Invincea, which acquired it earlier from the original author Ronen Tzur). It creates a sandbox-like isolated operating environment in which applications can be run or installed without permanently modifying the local or mapped drive. An isolated virtual environment allows controlled testing of untrusted programs and web surfing.

Sandboxie is available in two flavors Plus and Classic. Both have the same core components, this means they have the same level of security and compatibility. What"s different is the user interface the Plus build has a modern Qt based UI which supports all new features that have been added since the project went open source. The Classic build has the old no longer developed MFC based UI, hence it lacks support for modern features, these features can however still be used when manually configured in the Sandboxie.ini.

Sandboxie 1.0.4 Plus / 5.55.4 Classic changes:

  • Mechanism to hook Win32 system calls now also works for 32 bit applications running under WoW64
  • Added customization to Win32k hooking mechanism, as by default only GdiDdDDI* hooks are installed

-- You can force the installation of other hooks by specifying them with "EnableWin32Hook=..."
-- or disable the installation of the default hooks with "DisableWin32Hook=..."
-- Please note that some Win32k hooks may cause BSODs or undefined behaviour. (!)
-- The most obviously problematic Win32k hooks are blacklisted, this can be bypassed with "IgnoreWin32HookBlacklist=y"

  • added debug option "AdjustBoxedSystem=n" to disable the adjustment of service ACLs running with a system token
  • added "NoUACProxy=y" option together with the accompanying template, in order to disable UAC proxy -- Note: Boxes configured in compartment mode activate this template by default --
  • added UI option to change default RpcMgmtSetComTimeout preset
  • added Plus installer option to start the default browser under Sandboxie through a desktop shortcut
  • added more entries to the Plus installer (current translations on Languages.iss file need to be updated)

Changed

  • "EnableWin32kHooks=y" is now enabled by default, as no issues were reported in 1.0.3 -- Note: currently only the GdiDdDDI* hooks are applied, required for Chromium HW acceleration
  • Cleaned up low level hooking code a bit
  • "RunRpcssAsSystem=y" is now auto applied for boxes in "App Compartment" mode when "RunServicesAsSystem=y" or "MsiInstallerExemptions=y" are present

Fixed

  • fixed RPC handling in case a requested open service is not running #1443
  • fixed a hooking issue with NdrClientCall2 in 32 bit applications
  • fixed issue with start directory to run sandboxed when using SandMan #1436
  • fixed issue with recovering from network share locations #1435

Download: Sandboxie Plus 1.0.4 (64-bit) | Sandboxie Plus 1.0.3 (32-bit) ~16.0 MB (Open Source)
Download: Sandboxie 5.55.4 Classic (64-bit) | Sandboxie 5.55.4 Classic (32-bit) ~2.0 MB
View: Sandboxie Website | Sandboxie Plus Home Page | GitHub | Release Notes

Get alerted to all of our Software updates on Twitter at @NeowinSoftware

Report a problem with article
Next Article

1by1 2.02

Previous Article

GIMP 2.10.30