Sandboxie-Plus 1.17.4 / 5.72.4 introduces several improvements focused on compatibility, security, and overall stability. This update adds new controls for handling local loopback communication with the introduction of the BlockLocalLoop=y option, allowing users to explicitly block applications running inside a sandbox from connecting to services on the host through the local loopback interface.
To improve compatibility with modern desktop frameworks, Sandboxie-Plus now includes automatic detection of Electron-based applications. The primary heuristic runs early and is enabled by default, automatically applying the appropriate handling for Electron programs; it can be disabled with UseElectronDetection=n if required. In cases where this early heuristic fails or has been disabled, a secondary detection mechanism may later determine that the application is Electron-based after startup. Because this happens too late to apply the automatic workaround, Sandboxie-Plus will display the new SBIE2189 message to inform the user and provide troubleshooting guidance, suggesting the configuration option SpecialImage=chrome,program.exe for the affected application.
Hardware information protection has also been refined and can now be configured on a per-process basis, providing more granular control for users who need to selectively expose or restrict hardware identifiers to specific applications. Additionally, the driver now performs certificate verification using UTC time instead of local system time, preventing issues caused by incorrect local clock settings and ensuring consistent validation behavior.
A number of reliability problems have been resolved in this release. An issue affecting volatile configuration updates has been corrected, and a missing WaitServiceState call has been added to address cases where LINE failed to launch with a NO_SIGNATURE error. Stability improvements include fixing a race condition that could lead to a system crash during driver unload, correcting the verification logic used by Key_MergeSubkeys, and resolving a problem in Application Compartment mode related to File_WaitNamedPipe. Additional fixes address an IPC synchronization issue where Ipc_Handles_CritSec was not properly released when NtQueryDirectoryObject failed, as well as a bug that caused user interfaces of WebView2 applications built with Tauri to become unresponsive inside the sandbox.
As part of ongoing cleanup, the deprecated configuration option UseElectronWorkaround=y has been removed, as the new Electron detection mechanism supersedes the previous workaround. Overall, this release improves compatibility with modern application frameworks, strengthens certificate validation behavior, and resolves several stability issues, making it a recommended update for all Sandboxie-Plus users.
For a full list of changes please review the change log.
Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.17.4
To improve compatibility with modern desktop frameworks, Sandboxie-Plus now includes automatic detection of Electron-based applications. The primary heuristic runs early and is enabled by default, automatically applying the appropriate handling for Electron programs; it can be disabled with UseElectronDetection=n if required. In cases where this early heuristic fails or has been disabled, a secondary detection mechanism may later determine that the application is Electron-based after startup. Because this happens too late to apply the automatic workaround, Sandboxie-Plus will display the new SBIE2189 message to inform the user and provide troubleshooting guidance, suggesting the configuration option SpecialImage=chrome,program.exe for the affected application.
Hardware information protection has also been refined and can now be configured on a per-process basis, providing more granular control for users who need to selectively expose or restrict hardware identifiers to specific applications. Additionally, the driver now performs certificate verification using UTC time instead of local system time, preventing issues caused by incorrect local clock settings and ensuring consistent validation behavior.
A number of reliability problems have been resolved in this release. An issue affecting volatile configuration updates has been corrected, and a missing WaitServiceState call has been added to address cases where LINE failed to launch with a NO_SIGNATURE error. Stability improvements include fixing a race condition that could lead to a system crash during driver unload, correcting the verification logic used by Key_MergeSubkeys, and resolving a problem in Application Compartment mode related to File_WaitNamedPipe. Additional fixes address an IPC synchronization issue where Ipc_Handles_CritSec was not properly released when NtQueryDirectoryObject failed, as well as a bug that caused user interfaces of WebView2 applications built with Tauri to become unresponsive inside the sandbox.
As part of ongoing cleanup, the deprecated configuration option UseElectronWorkaround=y has been removed, as the new Electron detection mechanism supersedes the previous workaround. Overall, this release improves compatibility with modern application frameworks, strengthens certificate validation behavior, and resolves several stability issues, making it a recommended update for all Sandboxie-Plus users.
For a full list of changes please review the change log.
Download: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.17.4
