Sandboxie-Plus 1.17.0 delivers significantly improved compatibility for UWP applications and App Compartment boxes, alongside usability enhancements and important stability fixes.This version substantially improves the experimental UWP support across multiple layers of the architecture. A failure to mount the registry when launching UWP applications inside a sandbox has been resolved, restoring reliable startup behavior for modern Windows apps. Token handling has been refined to eliminate incompatibilities with the UWP security model, CopyTokenAttributes=y is now automatically applied to ensure correct attribute propagation required by UWP processes. To provide consistent behavior, SandboxieAllGroup=y is now the default, effectively standardizing the UseCreateToken=y code path, reducing dependency on undocumented kernel functions.
IPC handling in App Compartment type boxes has been further improved to increase reliability and compatibility with App Container based isolation. This fixes Microsoft Edge 144 crashes in Application Compartment Boxes. Furthermore, a new UseAlternateIpcNaming=y mode replaces the use of a separate NT object namespace by appending a suffix to sandboxed object names, instead of using an entirely separated object directory structure. This mode is restricted to App Compartment boxes, as for regular box types the object paths would otherwise be blocked by the driver.
User-facing transparency and workflow have been enhanced. Sandboxed windows now display the sandbox name directly in the border, and a new border mode ensures that the border is shown for every window belonging to sandboxed processes, not only the one currently in focus. Sandboxie service applications now include dedicated icons for clearer identification.
Isolation control has been extended, a new global option, ForceBoxDocs=y, allows administrators to force any program opening a file from a boxed path to start inside the corresponding sandbox, strengthening document-origin enforcement.
The SandMan UI can now export and import multiple sandboxes in a single operation, simplifying migration and backup procedures. Configuration handling has been improved as well, RenameSection processing now preserves original comments and section order, ensuring configuration files remain structurally clean and maintainable after modifications.
Several additional stability issues have been addressed. The CryptUnprotectData hook no longer returns an incorrect data description string. A handle leak in SbieDll.dll has been eliminated. Switching sandbox sorting in the user interface now behaves correctly. A crash in the file search bar triggered by performing multiple searches within a sandbox has also been resolved.
Overall, this release delivers materially improved UWP and App Compartment reliability, refined token handling semantics, updated Windows compatibility data, and a range of quality-of-life and stability enhancements.
Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.17.2
Edit: Paragraphs added for better readability.
Last edited:
