Sandboxie-Plus 1.15.2

We are pleased to announce the release of version 1.15.2 / 5.70.2, introducing significant new features, improvements, and fixes to enhance your experience.

In this release, we’ve added several new features to provide more control and customization options for users. You can now set specific MAC addresses and disk serial numbers for individual sandboxes, thanks to the contributions of Yeyixiao.

Users can now open a program in multiple sandboxes simultaneously, offering greater flexibility in managing applications. Additionally, a new “Description” field has been added to sandbox settings to help organize and document your configurations. For MSI installers, we’ve introduced the default-enabled “NotifyMsiInstaller” option to provide warnings (SBIE2194) when installers require exemptions.

Other notable additions include options to hide installed programs and the system tray icon, enhanced trace logging filtering, and the ability to monitor Sandboxie messages in the Windows Event Log. By enabling “LogMessageEvents” in the global settings, all Sandboxie events can now be logged directly to the system event log for better tracking and analysis.

This version also addresses several critical issues. We resolved a problem with signing the .tmp file during installation or updates, fixed DLL unloading issues, and corrected file and folder access behavior in resource settings. Improvements have been made to eliminate deadlocks during file renaming and to fix errors when moving files or folders. Additionally, Firefox Nightly crashes caused by Sandboxie have been resolved, ensuring smoother browser compatibility.

Finally, this release includes compatibility validation with Windows build 27749. A minor change ensures that when applications are run via drag-and-drop, their parent folder is used as the working directory for better consistency.

We thank our contributors and users for their valuable feedback and ongoing support. Update now to enjoy the latest improvements and features in Sandboxie Plus!

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.2

Added

  • added “NetworkAdapterMAC=0,AA-BB-CC-DD-EE-FF” to set MAC address for each box (thanks Yeyixiao)

  • added “DiskSerialNumber=DeviceName,1234-ABCD” to set Disk Serial Number for indivdal box (thanks Yeyixiao)

  • added the ability to hide certificates in editbox in Global Setting (idea by Yeyixiao)

  • added Opening a program in several sandboxes at once #4231

  • added “Description” field inside the sandbox settings #4243

  • added “NotifyMsiInstaller=y” enabled by default to display message SBIE2194 when an MSI installer is run in a box without the recommended exemptions #4330

    • SBIE2194: MSI installer requires ‘MsiInstallerExemptions=y’ option to be set in the ini to be able to work correctly, however this option weakens the isolation.

  • added option to hide installed programs #4139

  • added Hide Tray Icon #4075

  • added improved trace logging filtering #4338

  • added EventLog monitoring for SbieMessages #4113

    • add ‘LogMessageEvents=y’ to the global settings to log all sbie events to the system event log

Fixed

  • fixed Sign the .tmp file that gets dropped when installing or updating Sandboxie Plus #2643 #4343

  • fixed issue with DLL unloading

  • fixed Files Resource Access – Browse for Folder – allows access to excluded folders #4007

  • fixed “ForceDisableAdminOnly” is weird #4233

  • fixed deadlock on no op condition when renaming file or folder #4304

  • fixed Could not move file or folder #4329

  • “Run Sandboxed” from the quick-previewer should have only one option #4339

  • Sandboxie causing Firefox Nightly crashes #4183

Changed

  • validated compatibility with Windows build 27749 and updated DynData

  • when running via drag and drop now the apps parent folder is used as working dir #4073

Major Privacy v0.96.1 BETA

The latest release of Major Privacy brings several substantial improvements to enhance user control and monitoring capabilities. Access logs are now saved to disk, offering long term, deeper insight into system operations. Additional features include auto-scrolling for trace logs, and filters within the program view, making it easier to manage and monitor activities effectively. The interface has been enhanced with new layout options and an improved, more intuitive behavior for navigating tree structures, including double-click expand/collapse functionality. Notably, a significant update to the Programs.dat format means older files won’t be compatible with this version. Alongside these new additions, several bug fixes address startup speed, driver compatibility with Windows 10, and minor cleanup issues, ensuring a smoother, faster experience. Major Privacy continues to build on its advanced privacy functions with a refined approach to access control, making it a powerful tool for users seeking robust protection of their personal data.

Download: https://github.com/xanasoft/MajorPrivacy/releases/tag/v0.96.1

Added

  • access log is now saved to disk

  • added option to trace registry accesses

  • added dat fiel viewer

  • added auto scroll to trace logs

  • added fitlers to program view

  • added new window layouts

Changed

  • improved tree behavioure (double click to expand/colapse all sub branches)

  • improved access tree behavioure a lot

  • improved traffic view

  • changed Programs.dat format

    • WARNING: the old file will be discarded and not impprted

Fixed

  • fixed minor issue in driver post op cleanup

  • fixed driver incompatybility with windows 10

  • fixed issues with slow startup causing error messages

Major Privacy v0.96.0 BETA

There is a new build it fixes many issues, especially the memory usage.

Download: https://github.com/xanasoft/MajorPrivacy/releases/tag/v0.96.0

Changelog:

Added

  • added option to clean up all agent logs

  • addes view filters and toolbars to variouse lists

Changed

  • reworked volume rule handling, rules can now be stored in m p s y s file in the volume root itself

    • such rules can not be altered when the volume is not mounted adding protection against maliciouse modifications

  • reworked password handoff to imbox to make it more secure

  • improved mount error handling

  • improved GUI

  • improved access logging, allowed operations are now logged from the post op with status

    • this allows to ignore access atempts to non existing objects (see settings)

  • improved finder bar

  • when starting the agent now enums all loaded libraries

Fixed

  • fixed issues with volume unmounting

  • fixed issues with driver communication

  • fixed dnscache related memory leak

  • fixed a race condition in the process list

Sandboxie-Plus 1.15.0 Released

This build of Sandboxie Plus version 1.15.0 introduces several impactful enhancements, focusing on user-specific operations and security improvements. A notable addition is the new user proxy mechanism, which enables user-specific operations, as well as support for Encrypting File System (EFS) through the user proxy. By adding the configuration ‘EnableEFS=y’ to the sandbox, users can now leverage EFS within the sandbox environment. Furthermore, a breakout document feature has been implemented, allowing users to specify certain file paths and extensions that can escape the sandbox. However, users are warned to avoid paths terminated with wildcards as they may open up security vulnerabilities, enabling the execution of malicious scripts outside of the sandbox.

In terms of security, a new mechanism has been added to restrict access to box folders, allowing only the user who created the folder to access it by setting ‘LockBoxToUser=y’. Additionally, users now have the option to retain the original Access Control Lists (ACLs) on sandboxed files or modify them, providing more flexibility in access management, this may introduce compatibility issues though. Another new feature is the ‘OpenWPADEndpoint=y’ option, which allows to open system proxy configuration access. On the technical side, improvements have been made to the startup processes for SandboxieCrypto and Sandboxed RPCSS, as well as refinements to the user interface controls.

These updates mark a significant step forward in both the security and functionality of Sandboxie Plus.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.0

Added

  • added new user proxy mechanism to enable user specific operations

  • added Support for EFS using the user proxy #1980

    • to enable add ‘EnableEFS=y’ to the sandbox config

  • added break out document functionality #2741

    • use a syntax like this ‘BreakoutDocument=C:path*.txt’ to specify path and extension

    • Security Warning: do not use paths terminated with a wild card like ‘BreakoutDocument=C:path*’ as thay will allow for executeion ot maliciouse scripts outside teh sandbox!!!

  • added mechanism to set set box folder ACLs to allow only the creating user access ‘LockBoxToUser=y’

  • added option to keep original ACLs on sandboxed files ‘UseOriginalACLs=y’

  • added option ‘OpenWPADEndpoint=y’ #4292

Fixed

  • fixed ImDiskApp uninstall key is always written to the registry #4282

Changed

  • improved SandboxieCrypto startup

  • improved Sandboxed RPCSS startup

  • Set tab orders and buddies of UI controls #4300 (thanks gexgd0419)

Task Explorer v1.5.6 Released

In the latest release, version 1.5.6, several key updates and changes were made to improve overall functionality and performance. One of the notable adjustments is that Task Explorer (TE) no longer lists mounted VHD/VHDX files as disks, focusing solely on real hardware. This change aims to streamline disk management and ensure the system resources are utilized more efficiently by disregarding virtual drives. Additionally, the PHlib library has been updated to version 3.1.24258, continuing the effort to maintain compatibility with the latest technology and ensuring smooth operation.

Important Note:

This build has a unsigned driver hence it is required to enable test signign mode to use it

Download: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.5.6

Sandboxie-Plus 1.14.7

In this release, we have introduced several new features and improvements that significantly enhance the user experience and provide greater flexibility in system operations. Most notably, users can now effortlessly obtain free 10-day evaluation certificates directly from the support settings page within the UI. These certificates are hardware-locked to the user’s machine and allow for up to three requests per hardware ID, making it easier to test and evaluate the system with minimal setup.

Furthermore, new options have been added to increase privacy and security, such as the ability to modify the Windows Product ID in the registry to a random value and to return random values for disk serial numbers and network adapter MAC addresses when queried by applications. These features add an extra layer of obfuscation to protect against unwanted system identification.

Other enhancements include the ability to terminate all processes when Sandman exits, a new option for configuring DropConHostIntegrity directly from the UI, and an improved shared template feature in the New Box Wizard. The number of available shared templates has increased to 10, and the template names can now be easily updated by adjusting the corresponding settings.

In terms of fixes, we have addressed several key issues, including improving the “HideDiskSerialNumber” functionality to prevent application crashes, correcting the format of encrypted proxy passwords, and resolving an issue related to the “NtQueryDirectoryObject” function to avoid easy sandbox detection. These updates contribute to a more stable and secure environment for users.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.14.7

Added

  • added “RandomRegUID”(bool) which could modify Windows Product Id in the registry to a rand value

  • added “HideDiskSerialNumber”(bool) return random value when applications tries to get disk serial number

  • added option to get free 10 days evaluation certificates from the support settings page.

    • The evaluation certificates are node lcoked to the HwID and for each HwID up to 3 certs can be requested.

  • added “TerminateWhenExit”(bool,in Sandboxie-Plus.ini) to terminate all processes when Sandman exits for #4171

  • added a question box to ask for Sandbox Import Location for #4169

  • added UI option to configure DropConHostIntegrity

  • added “HideNetworkAdapterMAC”(bool) return random value when applications tries to get network adapter mac address

  • added shared template selection to the Shared Template feature in the advanced options of the New Box Wizard #4199

    • The number of available shared templates has been increased to 10

    • To update the names displayed in the list, simply adjust the “Tmpl.Title” setting within each template

Fixed

  • fixed and improved HideDiskSerialNumber option causes applications to crash #4185

  • fixed encrypted proxy password was improperly formatted #4197

  • fixed NtQueryDirectoryObject (should not return “STATUS_MORE_ENTRIES”) as this is a EASY Sandbox Detection #4201