Sandboxie is a proprietary sandbox based isolation program for Windows operating systems. It creates a sandbox-like isolated operating environment.
There you can run or install all applications without permanently modifying the local or mapped drive. An isolated virtual environment allows to control testing of untrusted programs and web surfing.
Sandboxie runs your programs in an isolated space. It prevents them from making permanent changes to other programs and data in your computer.
When you run a program on your computer, data flows from the hard disk to the program via read operations. The data is then processed and displayed, and finally flows back from the progam to the hard disk via write operations.
Sandboxie changes the rules such that write operations do not make it back to your hard disk.
- Intercept changes to both your files and registry settings, making it virtually impossible for any software to reach outside the sandbox.
- Traps cached browser items into the sandbox as a by-product of normal operation. So when you throw away the sandbox, all the history records and other side-effects of your browsing disappear as well.
Benefits of the Isolated Sandbox:
- Secure Web Browsing. If you run Web browser under the protection of Sandboxie, all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.
- Enhanced Privacy. Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don’t leak into Windows.
- Secure E-mail. Viruses and other malicious software that might be hiding in your email can’t break out of the sandbox and can’t infect your real system.
- Windows Stays Lean. Prevent wear-and-tear in Windows by installing software into an isolated sandbox.
Changes in Sandboxie 5.55.7 / Sandboxie Plus 1.0.6:
- added experimental option “CreateToken=y” to create a new token instead of repurposing an existing one
- added option “DisableRTBlacklist=y” allowing to disable the hardcoded runtime class blacklist
- added new template “DeviceSecurity” to lock down access to device drivers on the system
— Note: This template requires RuleSpecificity being available to work properly
- added option to set a custom ini editor in the Plus UI
- added option “LingerLeniency=n” to solve issue
- reworked syscall invocation code in the driver — Win32k hooking is now compatible with HVCI
- fixed memory leak in driver (conf_user.c)
- fixed issue with file renaming in open paths introduced in 1.0.6
- fixed issue causing Chromium browsers not closing properly
- fixed issue with start.exe
- fixed SandMan issue with reused process IDs
- fixed KmdUtil sometimes not properly terminating the driver
- removed OpenToken as it is only a shorthand for UnrestrictedToken=y and UnfilteredToken=y set together
Changes in Sandboxie 5.55.6 / Sandboxie Plus 1.0.6:
- replaced “Open with” with a Sandboxie dialog to work on Windows 10
- added ability to run Win32 store apps in App Compartment mode (on Windows 11 requires COM to be open)
- added new debug options “UnstrippedToken=y” and “KeepUserGroup=y”
- added double click to recover files and folders in recovery window
- added Ukrainian language on Plus UI (by SuperMaxusa)
- “UseSbieWndStation=y” is now the default behaviour
- disabled Win32k hooking when HVCI is enabled due to an incompatibility (BSOD)
- fixed box initialization issue in Privacy mode
- fixed issue with shortcuts creation introduced in a recent build
- fixed various issues in Privacy Enhanced boxes and rule specificity
- fixed issue with SeAccessCheckByType and alike
- fixed issues with Win32k hooking on 32 bit Windows
- removed obsolete SkyNet rootkit detection from 32 bit build
Changes in Sandboxie 5.55.5 / Sandboxie Plus 1.0.5:
- sandbox top level exception handler to create crash dumps
— it can be enabled per process or globally using “EnableMiniDump=process.exe,y” or “EnableMiniDump=y” respectively
— the dump flags can be set as hex with “MiniDumpFlags=0xAABBCCDD”
— a preselected flag set for a verbose dump can be set with “MiniDumpFlags=Extended”
— Note: created dump files are located at:
- added template support for Osiris and Slimjet browsers (by Dyras)
- improved SbieDll initialization a bit
- doubled size of Name_Buffer_Depth
- improved text filter in the templates view
- fixed issue with forced process display
- fixed crash issue with GetClassName
- fixed minor UI issue
- fixed UI language preset issue
- fixed grouping issues in SandMan UI
- fixed issue with EnableWin32kHooks
Homepage – https://www.sandboxie.com
Supported Operating Systems: Windows XP – Windows 11 (32-bit, 64-bit).
Translations: English, Albanian, Chinese (Simplified and Traditional), Czech, Finnish, French, German, Italian, Japanese, Korean, Polish, Portuguese (Brasil), Russian and Turkish.
Size: 2.09 MB