Sign In

Welcome! Log into your account

Forgot your password?

Create an account

Sign Up

Welcome! Register for an account

A password will be e-mailed to you.

Password Recovery

Recover your password

A password will be e-mailed to you.

Sandboxie 5.49.7 / 0.7.4 / 5.33.6 – FREE by Sophos

1 Star2 Stars3 Stars4 Stars5 Stars (34 votes, average: 4.09 out of 5)
Sandboxie 5.49.7 / 0.7.4 / 5.33.6 – FREE by Sophos

Sandboxie is a proprietary sandbox based isolation program for Windows operating systems. It creates a sandbox-like isolated operating environment.

There you can run or install all applications without permanently modifying the local or mapped drive. An isolated virtual environment allows to control testing of untrusted programs and web surfing.

Sandboxie runs your programs in an isolated space. It prevents them from making permanent changes to other programs and data in your computer.

When you run a program on your computer, data flows from the hard disk to the program via read operations. The data is then processed and displayed, and finally flows back from the progam to the hard disk via write operations.

Sandboxie changes the rules such that write operations do not make it back to your hard disk.

  • Intercept changes to both your files and registry settings, making it virtually impossible for any software to reach outside the sandbox.
  • Traps cached browser items into the sandbox as a by-product of normal operation. So when you throw away the sandbox, all the history records and other side-effects of your browsing disappear as well.

Benefits of the Isolated Sandbox:

  • Secure Web Browsing. If you run Web browser under the protection of Sandboxie, all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.
  • Enhanced Privacy. Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don’t leak into Windows.
  • Secure E-mail. Viruses and other malicious software that might be hiding in your email can’t break out of the sandbox and can’t infect your real system.
  • Windows Stays Lean. Prevent wear-and-tear in Windows by installing software into an isolated sandbox.

Changes in Sandboxie 5.49.7:

Added

  • added “UseSbieWndStation=y” to emulate CreateDesktop for selected processes, not only for Firefox and Chrome
  • added option to drop the console host process integrity, now you can use “DropConHostIntegrity=y”
  • added option to easily add local templates
  • added option to disable file migration prompt
  • added UI options for variouse security isolation features
  • added missing functionality to set template values in the plus UI

Changed

  • reworked window hooking mechanism to improve performance
    — resolves issues with file save dialogs taking 30+ sec to open
    — this fix greatly improves the win32 GUI performance of sandboxed processes
  • reworked RPC resolver to be ini configurable
    — the following options are now deprecated:
    — “UseRpcMgmtSetComTimeout=some.dll,n”, so use “RpcPortBinding=some.dll,*,TimeOut=y”
    — “OpenUPnP=y”, “OpenBluetooth=y”, “OpenSmartCard=n” use the new templates instead
    — See the Templates.ini for usage examples
  • Align default settings of AutoRecover and Favorites to the Plus version (thanks isaak654)
  • list of email clients and browsers is now centralized on Dll_GetImageType

Fixed

  • fixed process-specific hooks being applied to all processes in a given sandbox
  • fixed issue with messages and templates sometimes not being properly displayed in the SandMan UI
  • fixed issue with compatibility settings not being applied properly
  • fixed auto delete issue that got introduced with 0.7.1
  • fixed issue with NtSetInformationFile, FileDispositionInformation resulting in Opera installer failing
  • fixed issue with MacType introduced in the 0.7.2 build
  • fixed global sandboxed windows hooks not working when window rename option is disabled
  • fixed issue with saving local templates
  • fixed issue when using runas to start a process that was created outside of the Sandboxie supervision
    — since the runas facility is not accessible by default, this did not constitute a security issue
    — to enable runas functionality, add “OpenIpcPath=\RPC Control\SECLOGON” to your Sandboxie.ini
    — please take note that doing so may open other yet unknown issues
  • fixed a driver compatibility issue with Windows 10 32 bit Insider Preview Build 21337
  • fixed issues with driver signature for windows 7
  • fixed minor issue with logging internet blocks
  • fixed issue with file recovery when located on a network share
  • fixed ui issue with CallTrace
  • fixed crated sandbox links gettign double extension
  • fixed misplaced labels in the classic ui (thanks isaak654)
  • fixed separator line in Sbiectrl (thanks isaak654)

Changes in Sandboxie 5.49.5:

Added

  • added “UseSbieWndStation=y” to emulate CreateDesktop for selected processes, not only for Firefox and Chrome
  • added option to drop the console host process integrity, now you can use “DropConHostIntegrity=y”
  • added option to easily add local templates

Changed

  • reworked window hooking mechanism to improve performance
    — resolves issues with file save dialogs taking 30+ sec to open
    — this fix greatly improves the win32 GUI performance of sandboxed processes
  • reworked RPC resolver to be ini configurable
    — the following options are now deprecated:
    — “UseRpcMgmtSetComTimeout=some.dll,n”, so use “RpcPortBinding=some.dll,*,TimeOut=y”
    — “OpenUPnP=y”, “OpenBluetooth=y”, “OpenSmartCard=n” use the new templates instead
    — See the Templates.ini for usage examples

Fixed

  • fixed process-specific hooks being applied to all processes in a given sandbox
  • fixed issue with messages and templates sometimes not being properly displayed in the SandMan UI
  • fixed issue with compatibility settings not being applied properly
  • fixed auto delete issue that got introduced with 0.7.1
  • fixed issue with NtSetInformationFile, FileDispositionInformation resulting in Opera installer failing
  • fixed issue with MacType introduced in the 0.7.2 build
  • fixed global sandboxed windows hooks not working when window rename option is disabled
  • fixed issue with saving local templates
  • fixed issue when using runas to start a process that was created outside of the Sandboxie supervision
    — since the runas facility is not accessible by default, this did not constitute a security issue
    — to enable runas functionality, add “OpenIpcPath=\RPC Control\SECLOGON” to your Sandboxie.ini
    — please take note that doing so may open other yet unknown issues
  • fixed a driver compatibility issue with Windows 10 32 bit Insider Preview Build 21337
  • fixed issues with driver signature for windows 7

Changes in Sandboxie 5.49.0:

Added

  • added option to alter reported Windows version “OverrideOsBuild=7601” for Windows 7 SP1
  • the trace log can now be structured like a tree with processes as root items and threads as branches

Changed

  • SandboxieCrypto now always migrates the CatRoot2 files in order to prevent locking of real files
  • greatly improved trace log performance
  • MSI Server can now run with the “FakeAdminRights=y” and “DropAdminRights=y” options
    — special service allowance for the MSI Server can be disabled with “MsiInstallerExemptions=n”
  • changed SCM access check behaviour; non elevated users can now start services with a user token
    — elevation is now only required to start services with a system token
  • reworked the trace log mechanism to be more verbose
  • reworked RPC mechanism to be more flexible

Fixed

  • fixed issues with some installers introduced in 5.48.0
  • fixed “add user to sandbox” in the Plus UI
  • FIXED SECURITY ISSUE: the HostInjectDll mechanism allowed for local privilege escalation (thanks hg421)
  • Classic UI no longer allows to create a sandbox with an invalid or reserved device name

Changes in Sandboxie 5.48.5:

Added

  • sandboxed indicator for tray icons, the tooltip now contains [#] if enabled
  • the trace log buffer can now be adjusted with “TraceBufferPages=2560”
    — the value denotes the count of 4k large pages to be used, here for a total of 10 MB
  • new functionality to the list finder
  • Enchanced RpcMgmtSetComTimeout handing with “UseRpcMgmtSetComTimeout=some.dll,n”
    — this option allows to specify for each individual dll if RpcMgmtSetComTimeout should be used or not
    — this setting takes precedence over hard coded and per process presets
    — “UseRpcMgmtSetComTimeout=some.dll” and “UseRpcMgmtSetComTimeout=some.dll,y” are equivalent
  • Added “FakeAdminRights=y” option that makes processes in a given box think thay have admin permissions
    — this option is recomended to be used in combination with “DropAdminRights=y” to improve securits
    — With “FakeAdminRights=y” and “DropAdminRights=y” installers should still work
  • added RPC support for SSDP API (the Simple Service Discovery Protocol), Enable with “OpenUPnP=y”

Changed

  • improved RPC debugging
  • improved IPC handling around RpcMgmtSetComTimeout
    — required exceptions have been hard coded for specific calling dll’s
  • the LogApi dll is now using Sbies tracing facility to logg events instead of an own pipe server
  • SbieCrypto no longer triggers message 1313
  • changed enum process API now more (no limit) than 511 proceses per box can be enumerated
  • Reorganized box settings a bit
  • Made COM tracing more verbose

Fixed

  • FIXED SECURITY ISSUE: elevated sandboxed processes could access volumes/disks for reading (thanks hg421)
  • fixed crash issue around SetCurrentProcessExplicitAppUserModelID observed with GoogleUpdate.exe
  • fixed issue with resource monitor sort by timestamp
  • FIXED SECURITY ISSUE: a race condition in the driver allowed to obtain a elevated rights handle to a process (thanks typpos)
  • FIXED SECURITY ISSUE: “\RPC Control\samss lpc” is now filtered by the driver (thanks hg421)
    — this allowed elevated processes to change passwords, delete users and alike, to disable filtering use “OpenSamEndpoint=y”
  • FIXED SECURITY ISSUE: “\Device\DeviceApi\CMApi” is now filtered by the driver (thanks hg421)
    — this allowed elevated processes to change hardware configuration, to disable filtering use “OpenDevCMApi=y”
  • fixed issues with webcam access when the DevCMApi filtering is in place
  • fixed issue with free download manager for ‘AppXDeploymentClient.dll’ RpcMgmtSetComTimeout=y is used
  • fixed not all WinRM files were blocked by the driver, with “BlockWinRM=n” this file block can be disabled

Changes in Sandboxie 5.48.0:

Added

  • sandboxed indicator for tray icons, the tooltip now contains [#] if enabled
  • the trace log buffer can now be adjusted with “TraceBufferPages=2560”
    — the value denotes the count of 4k large pages to be used, here for a total of 10 MB
  • new functionality to the list finder

Changed

  • improved RPC debugging
  • improved IPC handling around RpcMgmtSetComTimeout, “RpcMgmtSetComTimeout=n” is now the default behavioure
    — required exceptions have been hard coded for specific calling dll’s
  • the LogApi dll is now using Sbies tracing facility to logg events instead of an own pipe server

Fixed

  • FIXED SECURITY ISSUE: elevated sandboxed processes could access volumes/disks for reading (thanks hg421)
  • fixed crash issue around SetCurrentProcessExplicitAppUserModelID observed with GoogleUpdate.exe
  • fixed issue with resource monitor sort by timestamp
  • FIXED SECURITY ISSUE: a race condition in the driver allowed to obtain a elevated rights handle to a process (thanks typpos)
  • FIXED SECURITY ISSUE: “\RPC Control\samss lpc” is now filtered by the driver (thanks hg421)
    — this allowed elevated processes to change passwords, delete users and alike, to disable filtering use “OpenSamEndpoint=y”
  • FIXED SECURITY ISSUE: “\Device\DeviceApi\CMApi” is now filtered by the driver (thanks hg421)
    — this allowed elevated processes to change hardware configuration, to disable filtering use “OpenDevCMApi=y”

Changes in Sandboxie 5.47.1:

Added

  • added UI Language auto detection

Fixed

  • fixed brave.exe is now properly recognized as chrome based not firefox based
  • fixed issue introduced in 0.6.5 with recent edge builds
    — the 0.6.5 behavioure can be set ona per process basis using “RpcMgmtSetComTimeout=POPPeeper.exe,n”
  • fixed grouping issues
  • fixed main windows restore state from tray

Changes in Sandboxie 5.47.0:

Added

  • added detection for waterfox.exe, Palemoon.exe, basilisk.exe and brave.exe firefox forks
  • added bluetooth API support, IPC port can be opened with “OpenBluetooth=y”
    — this should resolve issues with many unity games hanging on startup for a long time
  • added enhanced RPC/IPC interface tracing
  • when DefaultBox is not found by the SandMan UI, it will be recreated
  • “Disable Forced Programs” time is now saved and reloaded

Changed

  • reduced sandman cpu usage
  • sandboxie.ini and templates.ini can now be UTF8 encoded
    — this feature is experimental, files without a UTF-8 Signature should be recognized also
    — “ByteOrderMark=yes” is obsolete, sandboxie.ini is now always saved with a BOM/Signature
  • legacy language files can now be UTF8 encoded
  • reworked file migration behaviour, removed hardcoded lists in favour of templates
    — you can now use “CopyAlways=”, “DontCopy=” and “CopyEmpty=” that support the same syntax as “OpenFilePath=”
    — “CopyBlockDenyWrite=program.exe,y” makes a write open call to a file that won’t be copied fail instead of turning it read only
  • removed hardcoded SkipHook list in favour of templates

Fixed

  • fixed old memory pool leak in the sbie driver
  • fixed issue with item selection in the access restrictions ui
  • fixed updater crash in sbiectrl.exe
  • fixed issues wih RPC calls introduced in sbie 5.33.1
  • fixed recently broken terminate all command
  • fixed a couple minor UI issues with Sandman UI
  • fixed IPC issue with windows 7 and 8 resulting in process termination
  • fixed “recover to” functionality

Changes in Sandboxie 5.46.5:

Added

  • added comfirmation prompts to terminate all commands
  • added window title to boxed process info
  • added winspy based sandboxed window finder
  • added option to view disabled boxes and double click on box to enable it

Changed

  • reset columns now resized them to fit the content, also “Reset Columns” can now be localized
  • modal windows are now centered to the parent
  • improved new box window

Fixed

  • fixed issues with window modality
  • fixed issues when main window was set to be always on top
  • fixed an driver issue with windows 10 insider build 21286
  • fixed issues with snapshot dialog
  • fixed an issue when writing to a path that aready exist in the napshot but not outside

Changes in Sandboxie 5.46.4:

Added

  • added “SandboxService=…” to force selected services to be started in the sandbox
  • added template cleanup functionality to plus UI
  • allow internet prompt now also allow internet access pemanently
  • added browse button for box root folder in the SandMan UI
  • added explorer info message
  • added option to keep the sandman UI always on top
  • added drag and drop file on to sandman exe to open/run it sandboxed
  • added start SandMan UI when a sandboxed application starts
  • recovery window can now list all files
  • added file cunter to recovery window
  • when “NoAddProcessToJob=y” is specified chrome and alike now can fully use the job system
    — Note: “NoAddProcessToJob=y” reduces the box isolation, but the affected functions are mostly covered by UIPI anyways
  • added obtimized default column widths to the sbie view

Changed

  • improved access tracing, removed redundant entries
  • OpenIpcPath=\BaseNamedObjects[CoreUI]-* is now hardcoded in the driver no need for the template entry
  • WindowsFontCache is now open by default
  • refactored some IPC code in the driver
  • updated templates (thanks isaak654)
  • when trying to take a snapshot of an empty sandbox a proper error message is displayed
  • new layout for the recovery window
  • sbie view sorting is now case insensitive

Fixed

  • fixed issue allowing to bypass the registry isolation, present since Windows 10 Creators Update
  • fixed creation time not always being properly updated in the SandMan UI
  • fixed issue child window closing terminating application when main was hidden
  • fixed issues with non modal windows
  • fixed issues connecting in portable mode to driver
  • fixed minor issues with snapshot window
  • fixed missing error message when atempting to create an aleady existing sandbox
  • fixed issue allowing to save setting when a sandbox was alrady deleted
  • fixed issues with disabled items in dark mode
  • fixed some dialogs not closing on esc
  • fixed tab stops on many windows

Homepage – https://www.sandboxie.com

Supported Operating Systems: Windows XP – Windows 10 (32-bit, 64-bit).

Translations: English, Albanian, Chinese (Simplified and Traditional), Czech, Finnish, French, German, Italian, Japanese, Korean, Polish, Portuguese (Brasil), Russian and Turkish.

Leave a Reply

7 Comments on Sandboxie 5.49.7 / 0.7.4 / 5.33.6 – FREE by Sophos

  • Gravatar
    Guest

    ronald

    wow, redundant software, most browsers run in a "sandbox" of sorts, besides, why is this needed anyway???

  • Gravatar
    Guest

    cat

    It's a nice idea, but this program always had some issues whenever I used it. Avast meanwhile has its Auto Sandbox, for those who want it. And you could argue that an Anti Virus program should (try to) make a sandbox superfluous. Maybe a sandbox could be a replacement for Windows User Account Control? I like it best, not to be bothered by such 'solutions'. AV, Windows Defender, Firewall, and some registry cleaner (wise) can do the job.

  • Gravatar
    Guest

    magnum_2007

    This program creates a copy of your current reg settings and any files required to be accessed by the file being tested and redirects all the changes to the copies instead of the originals. This saves the original system from being infected. So using 168MB is just below normal for that...

  • Gravatar
    Guest

    Rich

    168MB of occupied space when so many now have 100's or thousands of gigs from huge hard drive capacities,this is not an issue. Considering the security this program provides, you should not compromise.

  • Gravatar
    Guest

    VETOR

    Today i uninstaled this prog.
    and see the total size occupied for it!
    Incredible 168 Mb! No more.
    ...

  • Gravatar
    Guest

    new_generation

    jeremyofmany,
    How about firewall do I still need it it's great that antivirus not necessary because it eats lots of resources... Can I trust this soft if I understand good it isolates from the system files viruses but how about soft/games I dont see here written that sandbox isolates these files? 

  • Gravatar
    Guest

    soft_tester

    its been a year since i found sandboxie. Yes, this is a useful software. back way before im using it with vista and kaspersky. sandboxie lets you run applications in virtual. there was this virus which hides itsel to a malwarebytes installation ive downloaded not from the official site, and kaspersky said it is clean. thankfully i run it using sandboxie and then i noticed that it planted files in system32 folder and also added registry files unrelated to malwarebytes and also 3 files were opened before installation. my hunch is that it has embedded trojan. after a day, i updated kaspersky and scanned again the mlwarebytes installer and voila! the installler has been tampered with trojans. vudo ones!

    tested today in win7 rtm so far so good. i hope final version comes out early.

    ps. 64bit os is the next future but in real enterprise world, 64 it still lagging in compatability and there are more 32bit users than 64.. so if you have 4gb or less better use 32bit, 99% no worries. just use 64bit os if you have more than 5gb and you are in video editing or CAD etc.. just my view in os.