This update marks a major step forward in functionality, security, and usability for MajorPrivacy. With version 0.98.0, we’re introducing an installer to simplify setup and deployment. Core security enhancements include token integrity level elevation for enclave processes, significantly improving User Interface Privilege Isolation (UIPI), and new driver unload protection to guard against tampering. Secure desktop prompting has been implemented, requiring explicit user approval before Core components can be shut down, reinforcing trusted control over critical operations.

The AccessTree now includes a convenient “Copy Path” feature, and the tweak management interface has been upgraded with the ability to approve or restore tweaks directly within the view. A range of new privacy and security tweaks are now available, including resource access restrictions, execution control, and finely tuned firewall rule adjustments.

In terms of usability improvements, the tweaks view has been refined, and tweak status is now persistently saved to disk, ensuring settings survive reboots or restarts. We’ve also resolved a critical stability issue that could cause a BSOD when the agent crashed during process startup inside an enclave.

This release lays important groundwork for the upcoming 1.0 milestone by tightening system integrity and enhancing user control without compromising performance or clarity.

Download: https://github.com/xanasoft/MajorPrivacy/releases/tag/v0.98.0

Fixed

• fixed failure to update dyndata

• fixed crash when dyndata update failed

  Download: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.6.4

Changed

• improved berformance with very big processes

• updated dyndata for latest windows

Fixed

• fixed issue with stack traces introduced 1.6.1

• fixed issue with run as Trusted Installer or as this user

Download: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.6.3

Sandboxie Plus version 1.15.12 / 5.70.12 introduces a range of enhancements, fixes, and usability improvements. This release adds Indonesian language support to the Plus UI, a new template for the WeType Input Method Editor (IME), and support for proxy configuration using host names instead of raw IPs by resolving them at WSA_Startup. Sandboxie can now bind to network adapters rather than specific IP addresses, providing more flexibility in networking setups. Additionally, support for the %ProgramFiles(x86)% environment variable has been introduced, along with a new TemplateDefaultFolders entry to define standard paths in privacy-enhanced boxes.

Several changes improve usability and performance. The “Move Sandbox” list sorting behavior has been refined, and personal details like name and hardware ID in the Support tab are now hidden by default. An experimental alternative proxy relay implementation has also been added, shifting from socket modification to relay threads.

Numerous issues have been addressed. These include the BoxAlias not appearing in the “run in box” dialog, UI inconsistencies after using Ctrl+F, and persistent high I/O usage by SbieCtrl.exe and SandMan.exe. Registry access functions were hardened with additional checks, and problems with Tencent TIM, MSI installer behavior, and oversized Sandboxie.ini files have been resolved. Other fixes address UI glitches, translation inconsistencies, drag-and-drop issues, and crashes related to SbieDll.dll. Compatibility problems with PingInfoView and a loop condition in CollectProducts() have also been fixed.

For a full list of changes please review the change log.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.12

May Insider Download (for great patreons and above only): https://github.com/DavidXanatos/Sandboxie-Next/releases/tag/May-01-2025

This release of MajorPrivacy introduces several powerful new features and important improvements. A DNS filter server has been added, enabling more granular control over DNS traffic. Users can now define Windows Firewall rule templates with wildcard-enabled paths, significantly streamlining rule creation. The ingress view includes a new operation filter, and program items in the UI now display memory usage for log and trace data, with a total memory usage indicator for services. We’ve also introduced trace presets per process and added an option to enable debugging of processes running in enclaves. For easier navigation, a new “expand/collapse all” button has been added to the program tree.

Path rule handling has been reworked with a more flexible mechanism supporting DOS-style patterns, with plans for a future rule import system. The firewall popup now ignores incoming connection attempts to avoid unnecessary prompts. Internally, the project structure, framework, and variant implementation have been refactored and cleaned up, resulting in a more stable and maintainable codebase. Log and trace data are now managed using dedicated memory pools per program, improving performance and reliability.

This version also resolves a deadlock issue during program list cleanup and a crash that could occur when stopping the service while the UI remained open.

Download: https://github.com/xanasoft/MajorPrivacy/releases/tag/v0.97.2

A new Sandboxie-Plus Insider build based on 1.15.11 is available for Great Patreon’s and above: https://github.com/DavidXanatos/Sandboxie-Next/releases/tag/April-04-2025 as well as to all holders of DEVELOPER type supporter certificates.

Exclusive Insider Features

The Insider builds introduce several powerful enhancements designed to improve security, usability, and customization in Sandboxie-Plus:

• Isolated Desktops – Run applications in their own fully isolated Windows desktop environment, separate from the default user desktop.

• Isolated Clipboard – Each sandbox can have its own independent clipboard, fully isolated from the host system, with options for read-only or write-only integration.

• Portable Sandboxes – Use sandboxes configured in independent .ini files, enabling fully self-contained and portable sandbox setups.

Urgend bugfix: fixed issue with SboxHostDll.dll failing to be injected into OfficeClickToRun.exe

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.11

This release primarily addresses critical compatibility issues with Firefox, ensuring that version 137.0 and later now runs correctly within Sandboxie Plus without generating SBIE2328 notifications. This fix restores proper functionality for Firefox users, resolving a major disruption introduced in the previous version.

In addition to the Firefox fix, this update introduces a new configuration option, BindAdapterIP, which allows users to bind sandboxed applications to a specific host IP address. This can be defined globally or per process via the INI file, offering greater control over network behavior within the sandbox. It’s important to note that the specified IP must be bound to a local network interface, or connections will fail.

Several additional issues have been resolved, including problems affecting Thunderbird. Memory leaks related to process command line retrieval have been addressed, and missing components like SbieShellExt.dll have been restored.

For a full list of changes please review the change log.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.10

I have updated the code at https://xanasoft.com/get-supporter-certificate/ it now should use the OPTIONS field, and DAYS field for new patreons.

Also there is a new Patreon tier: Advanced located between the Regular and Great.

Sandboxie Plus 1.15.9 delivers a robust update centered on security, stability, and compatibility—particularly for users of modern web browsers and those prioritizing privacy and sandbox integrity.

A key highlight is the improved compatibility with Firefox 137 Nightly and later, resolving previous hooking issues that caused instability or functional limitations. Firefox now runs smoothly within sandboxed environments once again.

Security enhancements are another major focus. This release addresses a potential IP leakage vulnerability affecting dual-stack IPv4/IPv6 setups when only one proxy type was configured. Connections now fail gracefully if no proxy is set for the relevant IP type, effectively preventing unintentional bypasses and preserving user anonymity—a critical improvement for users relying on VPNs or proxies.

Additionally, a serious local privilege escalation vulnerability tied to the HostenjectDll mechanism has been patched, thanks to responsible disclosure. This fix strengthens Sandboxie’s role as a secure execution layer.

For advanced users, a new debug option OpenAllSysCalls=y has been added, allowing unrestricted system call access for testing purposes. However, due to its permissive nature, it should be used with caution.

Among the usability improvements, users can now duplicate sandboxes and their contents directly from the UI, streamlining environment management. The update also introduces a new developer certificate type that disables user-mode component verification for advanced use cases. This node-locked certificate is available at no additional cost to existing Contributor or Eternal/Huge certificate holders upon request.

Overall, version 1.15.9 brings a thoughtful balance of new features, critical fixes, and user-focused enhancements, reinforcing Sandboxie Plus as a powerful tool for secure application isolation.

For a full list of changes please review the change log.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.9

Version 0.97.1 of MajorPrivacy introduces several new features, improvements, and fixes, enhancing both functionality and reliability. This update continues to refine the tool’s ability to manage privacy, security, and process control in modern Windows environments.

In this release, an optional user password cache is now available, allowing users to store credentials locally if desired, to simplify certain interactions. The tray menu has also been expanded, providing more convenient access to frequently used functions directly from the system tray. To improve visibility into network activity, additional filters have been added to the network views, giving users more granular control over what data is displayed.

Several significant changes have also been made to enhance usability and functionality. Signature verification has been reworked and improved. The Ingress record has been moved to its own dedicated file, separating it from other logs for better organization. Along with this, file naming conventions have been revised: AccessLog.dat has been renamed to AccessRecord.dat and TrafficLog.dat is now called TrafficRecord.dat. Since MajorPrivacy is still in beta, the old files will not be automatically migrated or cleaned up, so users are encouraged to manually delete them from C:ProgramDataXanasoftMajorPrivacy if they are no longer needed.

Another important change is that, by default, no records (Traffic, Execution, Ingress, Access) are stored to disk anymore. This change reflects a stronger focus on privacy by default, ensuring that only users who explicitly choose to enable logging will have data written to disk. Furthermore, the services configuration file has been renamed to PrivacyAgent.ini to better align with the service’s role. Finally, popup notifications have been cleaned up to avoid showing redundant entries, improving readability and reducing noise in high-activity environments.

This release also addresses several critical bugs and compatibility issues. An incompatibility between ZwLockRegistryKey usage and HVCI (Hypervisor Code Integrity) has been resolved, ensuring MajorPrivacy works correctly on systems with HVCI enabled. Multiple UI crashes related to process protection and DLL loading have been fixed, significantly improving stability. Lastly, a crash occurring when setting the firewall filtering mode has been corrected, ensuring smoother configuration changes.

With these additions, improvements, and fixes, MajorPrivacy 0.97.1 offers a more robust and reliable experience, particularly for users working with advanced security configurations and detailed process monitoring needs.

Download: https://github.com/xanasoft/MajorPrivacy/releases/tag/v0.97.1

Download: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.6.2

Added

• added driver DynData updater, on start when the current DynData is not compatible with the windows kernel TE will offer an option to update the DynData

  • Note: the updater extracts the DynData from regular SystemInformer canary update packages.

• added preparations (not enebled) to use the old driver on windows 7

Changed

• moved translations to translations.7z

Fixed

• incompatybility witn windows 7 introduced in 1.16.1

• fixed crash in module search window

• fixed performance issue with codepage detection

In this update, several improvements and fixes have been introduced to enhance the stability and functionality of Sandboxie Plus.

A new capability has been added to the service, allowing it to log monitor events, providing users with additional insights and diagnostics.

The Notepad++ template has been updated to ensure compatibility with Sandboxie Classic, improving usability for users of the legacy version. Additionally, MiscHelpers.dll has been updated with enhancements to the finder, contributing to improved performance and reliability.

Several issues have been resolved in this release. Obsolete entries in the Sandboxie Plus installer have been removed, ensuring a cleaner installation process. An issue where pinned shortcuts created via the ‘Run from Start Menu’ option were non-functional has been fixed, addressing reported concerns (#4502). A potential Blue Screen of Death (BSoD) issue with the driver under low-resource conditions has been resolved, improving overall system stability.

Further refinements include fixing a crash occurring in NsiAllocateAndGetTable, thanks to a report from tzf-omkey (#4511). Additionally, two memory leaks have been addressed: one occurring when a sandboxed process received a device change notification, and another affecting the NtQueryDirectoryFile hook, which previously manifested in privacy-enhanced sandboxes (#4509).

This update ensures a more robust and efficient experience for Sandboxie Plus users. As always, feedback and reports from the community are invaluable in maintaining and improving the software.

For a full list of changes please review the change log.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.7

Download: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.6.1

Added

• added ARM64 driver

• added translations

Changed

• updated code to be qt6 comaptible

• greately improved dark mode

• improved driver statis information on startup

• updated MiscHelpers.dll, improved finder

Fixed

• fixed Closing System Info closes also the TaskExplorer #34

• fixed handle leak in thread stack panel

• fixed bad performance on windows 10

• fixed issue where two instances were started when “Skip UAC” was enabled

This insider build is a bit more experimental them usual, it contains 2 new features: Sandboxed clipboard & better clipboard isolation, as well as portable boxes, see github screenshots for details.

Download for Great Patreons and above : https://github.com/DavidXanatos/Sandboxie-Next/releases/tag/Feb-20-2025

This update introduces improvements to stability, compatibility, and debugging tools, addressing several reported issues affecting various applications and sandbox configurations.

This release also includes a rework of CreateDesktop handling, which addresses various issues encountered with browsers and browser-based applications when running within Sandboxie. These changes should result in improved stability and functionality for affected software. Furthermore, a missing hook for NtQueryInformationByName has been implemented to enhance overall system compatibility.

Several bugs have been resolved in this update. An issue where the Sandboxie Plus data folder was not functioning correctly after updating to version 1.15.5 has been fixed. Additionally, crashes affecting Adobe Acrobat Reader when used within an Application Compartment box have been resolved.

Compatibility issues with Viber have also been fixed, ensuring that the software no longer crashes upon launch within Sandboxie. Users of qutebrowser will benefit from a fix that now allows the browser to run properly in a sandboxed environment. A problem preventing applications from launching when ApiTrace was enabled in version 1.15.5 has also been resolved. Lastly, a critical fix has been implemented to prevent blue screen errors (BSoD) when using OpenWndStation=y on Windows 10 with applications that call CreateDesktopW/A.

This release provides key stability and usability improvements for Sandboxie Plus, ensuring better compatibility across a range of applications.

For a full list of changes please review the change log: https://github.com/sandboxie-plus/Sandboxie/blob/master/CHANGELOG.md#1156–5706—2025-01-3

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.6

https://github.com/DavidXanatos/Sandboxie-Next/releases/tag/Feb-02-2025
this link works only for patreons on the Great tier and above.

This release introduces several important fixes to enhance functionality and improve user experience.

A new debugging feature has been added with the inclusion of the HookTrace=y setting, which provides enhanced debugging capabilities for API hooking.

The Sandboxie-Plus data folder has been relocated from C:Users[User]AppDataLocalSandboxie-Plus to C:Users[User]AppDataLocalXanasoftSandboxie-Plus. This change is automatic for users upgrading to this version, but those downgrading to an older version will need to move the folder back manually. Additionally, some options in the box context menu have been re-ordered for improved usability.

This update resolves several critical issues and enhances overall stability. The crash triggered by selecting “Run as Administrator” in the non-advanced view has been fixed, along with a crash caused by missing IP definitions in DNS filtering (#3600, #4475).
Compatibility with ARM64 systems has been significantly improved, addressing issues such as x64 executables failing to run on Windows 11 ARM64 (#4422, #4415) and resolving compatibility MSEdge and explorer problems with Windows 10 ARM64.

Several user experience issues have also been addressed. These include process self-termination failures, infinite loops when Gui_ConnectConsole waited for SbieSvc.exe to quit (#4462), and missing program icons when paths with spaces were specified in the RunCommand setting (#4416). Additional fixes include template scanning reliability (#4401) and the proper display of credential dialogs for RDP connections in encrypted boxes (#4389).

This update aims to provide a smoother, more reliable experience across supported platforms, particularly for users on ARM64 systems.

For a full list of changes please review the change log.

Download: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.6.0

This update introduces significant enhancements, bringing the tool in line with modern requirements by incorporating many previously missing features from SystemInformer. Most notably, this release marks the first version with a fully signed driver, making TaskExplorer ready for professional production use.

Key improvements include expanded security options and enhanced process control features like freezing processes and adjusting efficiency modes. Several panels, including memory, services, modules, and threads, now provide additional columns and insights, while menus have been reorganized for better usability. The config folder has also been relocated to C:Users[User]AppDataLocalXanasoftTaskExplorer for improved integration with other Xanasoft Tools.

Numerous bugs have been resolved, and PHlib has been updated to version 3.2.25011 to ensure stability and compatibility. For a complete list of changes, please refer to the full changelog.

Download (x86 & x64): https://github.com/DavidXanatos/TaskExplorer/releases/download/v1.6.0/TaskExplorer-v1.6.0.exe

This release brings substantial new functionality, user interface enhancements, and critical fixes to improve usability and performance. Users will notice numerous quality-of-life improvements and expanded capabilities for managing secure environments and configurations.

A significant addition in this version is the ability to manage Secure Volumes and Protected Folders more effectively. Users can now add folders directly to the Secure Volumes view for improved organization and rename Secure Volumes or Protected Folders as needed. These features enhance flexibility and streamline folder security workflows.

Several new options have been introduced to improve control and customization. Users can now enable temporary rules, disable trace and access logging, and configure trace/access log limits to suit their specific requirements. Additionally, the tweak info panel offers detailed insights, and centralized signature database management has been implemented. A new signature folder located at C:ProgramDataXanasoftMajorPrivacysig_db allows for user signature creation without altering third-party application directories. Importantly, a signature file in the application folder retains precedence for compatibility purposes.

Rule management has been enriched with several upgrades. The rule creation dialog now includes an auto-name generation feature, a dedicated program picker, and the ability to create process audit rules. These rules monitor processes as though protected but without applying actual protections. Signing capabilities have also been extended, allowing users to sign certificates in addition to files directly from the library view.

The user interface sees significant enhancements, including icons for main panel tabs and the enclave view, along with a new process view-based side panel in the enclave view. Color coding have been added to improve visibility and ease of use across trace, rule, and other views. Access mask columns are now human-readable, and a signature database viewer has been introduced for detailed examination of signatures.

Several critical changes were made to the underlying architecture. Internal path handling has been reworked; as a result, previous versions’ .dat files are incompatible and will be discarded. Signature files have been renamed to .mpsig, with the format enhanced for future-proofing. Old .sig files are no longer supported. These changes, along with streamlined APIs, ensure better performance and scalability.

Finally, this update resolves several issues. Problems with saving rules in the driver and inconsistencies with tweaks have been addressed, improving reliability and overall system behavior.

This update marks a major step forward in usability, flexibility, and security, and we thank our users for their continued feedback and support.

Download: https://github.com/xanasoft/MajorPrivacy/releases/tag/v0.97.0

This release introduces several significant enhancements and fixes. It includes new features such as an automated cleanup of access and trace logs with a default retention time of 14 days, detection of missing program files in the program tree, and the ability to create custom user-defined program groups. Users can now clear individual trace logs, and clear the ignore list. A secure volume-specific access panel has been added alongside new tools like the Mount Manager Viewer and improved options in the Program Editor Window, including a browse button and icon picker.

Major changes include a complete overhaul of the access tree with a dynamic implementation better suited to user needs, reworking of NT to DOS path resolution, and enhancements to the program tree’s column display capabilities. Additionally, and the maintenance menu and program item deletion process have been refined.

Notable fixes address issues such as driver loading conflicts, consistency problems in CTreeItemModel, a crash in CTraceModel, and performance improvements in the *.dat viewer. The update also resolves issues related to service binary path changes and missing patterns for installed Win32 programs.

Download: https://github.com/xanasoft/MajorPrivacy/releases/download/v0.96.2/MajorPrivacy-v0.95.2-BETA.zip

Added

• added access tree cleanup, removed all entries refering not longer or never existing reosurces

• added option to clear individual trace logs of program items

• added option to ignore invalid resource accessa tempts (bad path syntax, etc)

• last network activity values are now saved to the programs.dat

• program item column counting all accessed files for any program item

• added autoamted Access log and trace log cleanup, default retention time is 14 days

• added detection of missing program files thay are indicated in gray in the program tree

• added clean up option to remove missing program items

• added custom user defined program groups

• added option to clear teh ignore list

• added option to run privacy agent as service

• added mount manager viewer

• added browse button to program editor window

• added icon picker to program editor window

• added secure volume specifiv access panel

Changed

• replaced the Access tree with a new dynamic implementaion more siutable for the user case

• the program tree now can display different column selections for each page

• reworked nt to dos path resolution

• improved maintenance menu

• improved program item deletion

Fixed

• improved driver loading added workarounf for outdated driver already being installed

• fixed consistency issue in CTreeItemModel

• fixed crash in CTraceModel

• fixed issue when a service changes its BinaryPath

• fixed issue not loading patterns for installed win32 programs

• fixed performance issues with *.dat viewer

We are excited to announce the latest updates to Sandboxie Plus 1.15.3, these updates introduce impactful new features, significant improvements, and critical fixes to enhance user experience, customization, and security.

For enhanced security, this release includes a mechanism to restrict access to sandbox folders to the user who created them. Users can also choose to retain or modify Access Control Lists (ACLs) on sandboxed files, providing more flexibility in access management, though this may introduce compatibility issues in some cases. Importantly, this update addresses a security vulnerability documented under CVE-2024-49360.

This release also includes the introduction of a user proxy mechanism, enabling user-specific operations, along with support for the Encrypting File System (EFS). By adding the configuration EnableEFS=y to sandbox settings, users can now utilize EFS within the sandbox environment. The new OpenWPADEndpoint=y option allows access to system proxy configuration, expanding sandbox functionality. Additionally, trace logging filtering has been enhanced, and by enabling LogMessageEvents in global settings, all Sandboxie events can now be logged directly to the Windows Event Log for better tracking and analysis.

Technical improvements in this release include refinements to the startup processes for SandboxieCrypto, ensuring smoother operations. Applications launched via drag-and-drop now consistently use their parent folder as the working directory, improving user experience. Compatibility with Windows build 27749 has been validated to ensure a seamless experience for users. Additionally, crashes affecting Firefox Nightly have been resolved, ensuring better browser compatibility.

We thank our contributors and users for their invaluable feedback and support. Update now to take advantage of the latest features, enhancements, and security improvements in Sandboxie Plus.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.3

Added

• improved ini section editor, it now supports search Ctrl+F

• added SBIE1321 to log all force process events, can be enabled with “NotifyForceProcessEnabled=y”, Improves #4113

Changed

• improved support notification

Fixed

• fixed issues with SSL on ARM64 platform, breaking updater and cert retrieval

We are pleased to announce the release of version 1.15.2 / 5.70.2, introducing significant new features, improvements, and fixes to enhance your experience.

In this release, we’ve added several new features to provide more control and customization options for users. You can now set specific MAC addresses and disk serial numbers for individual sandboxes, thanks to the contributions of Yeyixiao.

Users can now open a program in multiple sandboxes simultaneously, offering greater flexibility in managing applications. Additionally, a new “Description” field has been added to sandbox settings to help organize and document your configurations. For MSI installers, we’ve introduced the default-enabled “NotifyMsiInstaller” option to provide warnings (SBIE2194) when installers require exemptions.

Other notable additions include options to hide installed programs and the system tray icon, enhanced trace logging filtering, and the ability to monitor Sandboxie messages in the Windows Event Log. By enabling “LogMessageEvents” in the global settings, all Sandboxie events can now be logged directly to the system event log for better tracking and analysis.

This version also addresses several critical issues. We resolved a problem with signing the .tmp file during installation or updates, fixed DLL unloading issues, and corrected file and folder access behavior in resource settings. Improvements have been made to eliminate deadlocks during file renaming and to fix errors when moving files or folders. Additionally, Firefox Nightly crashes caused by Sandboxie have been resolved, ensuring smoother browser compatibility.

Finally, this release includes compatibility validation with Windows build 27749. A minor change ensures that when applications are run via drag-and-drop, their parent folder is used as the working directory for better consistency.

We thank our contributors and users for their valuable feedback and ongoing support. Update now to enjoy the latest improvements and features in Sandboxie Plus!

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.2

Added

• added “NetworkAdapterMAC=0,AA-BB-CC-DD-EE-FF” to set MAC address for each box (thanks Yeyixiao)

• added “DiskSerialNumber=DeviceName,1234-ABCD” to set Disk Serial Number for indivdal box (thanks Yeyixiao)

• added the ability to hide certificates in editbox in Global Setting (idea by Yeyixiao)

• added Opening a program in several sandboxes at once #4231

• added “Description” field inside the sandbox settings #4243

• added “NotifyMsiInstaller=y” enabled by default to display message SBIE2194 when an MSI installer is run in a box without the recommended exemptions #4330

  • SBIE2194: MSI installer requires ‘MsiInstallerExemptions=y’ option to be set in the ini to be able to work correctly, however this option weakens the isolation.

• added option to hide installed programs #4139

• added Hide Tray Icon #4075

• added improved trace logging filtering #4338

• added EventLog monitoring for SbieMessages #4113

  • add ‘LogMessageEvents=y’ to the global settings to log all sbie events to the system event log

Fixed

• fixed Sign the .tmp file that gets dropped when installing or updating Sandboxie Plus #2643 #4343

• fixed issue with DLL unloading

• fixed Files Resource Access – Browse for Folder – allows access to excluded folders #4007

• fixed “ForceDisableAdminOnly” is weird #4233

• fixed deadlock on no op condition when renaming file or folder #4304

• fixed Could not move file or folder #4329

• “Run Sandboxed” from the quick-previewer should have only one option #4339

• Sandboxie causing Firefox Nightly crashes #4183

Changed

• validated compatibility with Windows build 27749 and updated DynData

• when running via drag and drop now the apps parent folder is used as working dir #4073

The latest release of Major Privacy brings several substantial improvements to enhance user control and monitoring capabilities. Access logs are now saved to disk, offering long term, deeper insight into system operations. Additional features include auto-scrolling for trace logs, and filters within the program view, making it easier to manage and monitor activities effectively. The interface has been enhanced with new layout options and an improved, more intuitive behavior for navigating tree structures, including double-click expand/collapse functionality. Notably, a significant update to the Programs.dat format means older files won’t be compatible with this version. Alongside these new additions, several bug fixes address startup speed, driver compatibility with Windows 10, and minor cleanup issues, ensuring a smoother, faster experience. Major Privacy continues to build on its advanced privacy functions with a refined approach to access control, making it a powerful tool for users seeking robust protection of their personal data.

Download: https://github.com/xanasoft/MajorPrivacy/releases/tag/v0.96.1

Added

• access log is now saved to disk

• added option to trace registry accesses

• added dat fiel viewer

• added auto scroll to trace logs

• added fitlers to program view

• added new window layouts

Changed

• improved tree behavioure (double click to expand/colapse all sub branches)

• improved access tree behavioure a lot

• improved traffic view

• changed Programs.dat format

  • WARNING: the old file will be discarded and not impprted

Fixed

• fixed minor issue in driver post op cleanup

• fixed driver incompatybility with windows 10

• fixed issues with slow startup causing error messages

There is a new build it fixes many issues, especially the memory usage.

Download: https://github.com/xanasoft/MajorPrivacy/releases/tag/v0.96.0

Changelog:

Added

• added option to clean up all agent logs

• addes view filters and toolbars to variouse lists

Changed

• reworked volume rule handling, rules can now be stored in m p s y s file in the volume root itself

  • such rules can not be altered when the volume is not mounted adding protection against maliciouse modifications

• reworked password handoff to imbox to make it more secure

• improved mount error handling

• improved GUI

• improved access logging, allowed operations are now logged from the post op with status

  • this allows to ignore access atempts to non existing objects (see settings)

• improved finder bar

• when starting the agent now enums all loaded libraries

Fixed

• fixed issues with volume unmounting

• fixed issues with driver communication

• fixed dnscache related memory leak

• fixed a race condition in the process list

This build fixes a couple issues with 1.15.0 and updates compatibility to the latest windows insider build.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.1

Fixed

• fixed Sandboxie crypto fails to start in red boxes

• fixed issue with breakout process when using explorer.exe

Changed

• validated compatibility with Windows build 27729 and updated DynData

This build of Sandboxie Plus version 1.15.0 introduces several impactful enhancements, focusing on user-specific operations and security improvements. A notable addition is the new user proxy mechanism, which enables user-specific operations, as well as support for Encrypting File System (EFS) through the user proxy. By adding the configuration ‘EnableEFS=y’ to the sandbox, users can now leverage EFS within the sandbox environment. Furthermore, a breakout document feature has been implemented, allowing users to specify certain file paths and extensions that can escape the sandbox. However, users are warned to avoid paths terminated with wildcards as they may open up security vulnerabilities, enabling the execution of malicious scripts outside of the sandbox.

In terms of security, a new mechanism has been added to restrict access to box folders, allowing only the user who created the folder to access it by setting ‘LockBoxToUser=y’. Additionally, users now have the option to retain the original Access Control Lists (ACLs) on sandboxed files or modify them, providing more flexibility in access management, this may introduce compatibility issues though. Another new feature is the ‘OpenWPADEndpoint=y’ option, which allows to open system proxy configuration access. On the technical side, improvements have been made to the startup processes for SandboxieCrypto and Sandboxed RPCSS, as well as refinements to the user interface controls.

These updates mark a significant step forward in both the security and functionality of Sandboxie Plus.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.15.0

Added

• added new user proxy mechanism to enable user specific operations

• added Support for EFS using the user proxy #1980

  • to enable add ‘EnableEFS=y’ to the sandbox config

• added break out document functionality #2741

  • use a syntax like this ‘BreakoutDocument=C:path*.txt’ to specify path and extension

  • Security Warning: do not use paths terminated with a wild card like ‘BreakoutDocument=C:path*’ as thay will allow for executeion ot maliciouse scripts outside teh sandbox!!!

• added mechanism to set set box folder ACLs to allow only the creating user access ‘LockBoxToUser=y’

• added option to keep original ACLs on sandboxed files ‘UseOriginalACLs=y’

• added option ‘OpenWPADEndpoint=y’ #4292

Fixed

• fixed ImDiskApp uninstall key is always written to the registry #4282

Changed

• improved SandboxieCrypto startup

• improved Sandboxed RPCSS startup

• Set tab orders and buddies of UI controls #4300 (thanks gexgd0419)

In the latest release, version 1.5.6, several key updates and changes were made to improve overall functionality and performance. One of the notable adjustments is that Task Explorer (TE) no longer lists mounted VHD/VHDX files as disks, focusing solely on real hardware. This change aims to streamline disk management and ensure the system resources are utilized more efficiently by disregarding virtual drives. Additionally, the PHlib library has been updated to version 3.1.24258, continuing the effort to maintain compatibility with the latest technology and ensuring smooth operation.

Important Note:

This build has a unsigned driver hence it is required to enable test signign mode to use it

Download: https://github.com/DavidXanatos/TaskExplorer/releases/tag/v1.5.6

In this release, we have introduced several new features and improvements that significantly enhance the user experience and provide greater flexibility in system operations. Most notably, users can now effortlessly obtain free 10-day evaluation certificates directly from the support settings page within the UI. These certificates are hardware-locked to the user’s machine and allow for up to three requests per hardware ID, making it easier to test and evaluate the system with minimal setup.

Furthermore, new options have been added to increase privacy and security, such as the ability to modify the Windows Product ID in the registry to a random value and to return random values for disk serial numbers and network adapter MAC addresses when queried by applications. These features add an extra layer of obfuscation to protect against unwanted system identification.

Other enhancements include the ability to terminate all processes when Sandman exits, a new option for configuring DropConHostIntegrity directly from the UI, and an improved shared template feature in the New Box Wizard. The number of available shared templates has increased to 10, and the template names can now be easily updated by adjusting the corresponding settings.

In terms of fixes, we have addressed several key issues, including improving the “HideDiskSerialNumber” functionality to prevent application crashes, correcting the format of encrypted proxy passwords, and resolving an issue related to the “NtQueryDirectoryObject” function to avoid easy sandbox detection. These updates contribute to a more stable and secure environment for users.

Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.14.7

Added

• added “RandomRegUID”(bool) which could modify Windows Product Id in the registry to a rand value

• added “HideDiskSerialNumber”(bool) return random value when applications tries to get disk serial number

• added option to get free 10 days evaluation certificates from the support settings page.

  • The evaluation certificates are node lcoked to the HwID and for each HwID up to 3 certs can be requested.

• added “TerminateWhenExit”(bool,in Sandboxie-Plus.ini) to terminate all processes when Sandman exits for #4171

• added a question box to ask for Sandbox Import Location for #4169

• added UI option to configure DropConHostIntegrity

• added “HideNetworkAdapterMAC”(bool) return random value when applications tries to get network adapter mac address

• added shared template selection to the Shared Template feature in the advanced options of the New Box Wizard #4199

  • The number of available shared templates has been increased to 10

  • To update the names displayed in the list, simply adjust the “Tmpl.Title” setting within each template

Fixed

• fixed and improved HideDiskSerialNumber option causes applications to crash #4185

• fixed encrypted proxy password was improperly formatted #4197

• fixed NtQueryDirectoryObject (should not return “STATUS_MORE_ENTRIES”) as this is a EASY Sandbox Detection #4201

This website is a work in progress it will present my Opensource tools that can be found on github:

Sandboxie Plus
Task Explorer
MajorPrivacy
DiskCryptor

You can support my work through donations, any help will be greatly appriciated.