Run programs in a sandbox to prevent malware from making permanent changes to your PC.
Sandboxie allows you to run your browser, or any other program, so that all changes that result from the usage are kept in a sandbox environment, which can then be deleted later.
These are the changes to Sandboxie since version 4.12:
- There is a new EULA (license.txt)
- Fixed Chrome 37/38 crash error C0000008 (invalid handle).
- Fixed Chrome 38-64 hang (web page unresponsive).
- Fixed Chrome hang when printing to PDF.
- Browsers can now access Internet when using McAfee SaaS
- Fixed Silverlight crash in Win 8.1
- Fixed Excel crash when copying large amounts of data.
- Sandboxie now has language support for Farsi (Persian).
- The auto-update feature only checked the next update time (sandbox.ini setting SbieCtrl_NextUpdateCheck) 1 time when SbieCtrl.exe was started. If SbieCtrl.exe was kept running, it would never check the update time again.
- Several large memory leaks (reported by Dr. Larry Pepper et al.) have been fixed. https://forums.sandboxie.com/phpBB3/viewtopic.php?f=11&t=18412
- ASLR is now enabled for SbieDll.dll 32 bit (64 bit will come later).
- OpenIpcPath=\BaseNamedObjects\FontCachePort is now in templates.ini as a default. Until now, this was a suggested work-around for some Chrome 37 problems.
- NOTE: the default only applies to new installs. For existing installs, you need to go into Sandbox settings->Applications->Miscellaneous, and check the option "Allow direct access to Windows Font Cache"
- Added hook for GetProcessImageFileName/NtQueryInformationProcess so it now returns the sandboxed path.
- Improvements to the Dutch language text.
- Malware DarkComet is using a quirk in Windows to put up a MessageBox that does not have the sandboxed yellow window border. This poses no security risk, but to prevent user concern, this has been fixed.
- Special flag added to OpenWinClass to restore Buster Sandbox Analyzer (BSA) message logging. /IgnoreUIPI allows low integrity sandboxed processes to send WM_COPYDATA msgs to windows in higher integrity processes.
- Fixed Sandboxed cmd.exe crash if window title > 256 chars.
- Fixed rare BSOD
- Fixed kernel memory leak in SandboxieCrypto
- The combined installer SandboxieInstall.exe now checks for the VC Redistributables DLLs Sandboxie requires. If they are not up to date (10.0.40219.325), the installer will download and install the VC Redist. from sandboxie.com.
- If SandboxieInstall.exe tries to download the VC Redistributables and fails, there is now a retry option.
The SbieSvc startup time has been increased from 5 seconds to 15 seconds to eliminate the following sequence of startup errors:
- SBIE2335 Initialization failed for process %2
- SBIE2336 Error in GUI server: %2
- SBIE2337 Failed to start program: %2
Example Sandboxie.ini entries (both lines required):
- SandboxieInstall.exe does not contain MS VC DLLs. If they are not already installed or are not up to date, the installer will download the VC Redist. installer package and execute it.
- SandboxieInstall32.exe & SandboxieInstall64.exe contain the DLLs Sandboxie requires. If they are not installed or are not up to date, the installer copies the ones required into system32. The VC Redist. installer is not downloaded or executed.