Will Sandboxie Still Work with the Windows Kernel Overhaul?
Will Sandboxie Still Work with the Windows Kernel Overhaul?
Recently a tremendous flaw in Intel processors was discovered. In order to address the issue, Windows is expected to redesign their kernel for additional security, patching the flaw.
Updates to the Windows Kernel typically don't play too nice with Sandboxie in my experience. Is this an issue that is currently on the team's radar? Can I expect to see bluescreens after Windows patches the kernel? Or will there be an update in advance to address this upcoming issue?
Updates to the Windows Kernel typically don't play too nice with Sandboxie in my experience. Is this an issue that is currently on the team's radar? Can I expect to see bluescreens after Windows patches the kernel? Or will there be an update in advance to address this upcoming issue?
-
- Sandboxie Support
- Posts: 2337
- Joined: Mon Nov 07, 2016 3:10 pm
Re: Will Sandboxie Still Work with the Windows Kernel Overhaul?
Hello Nitrile,
It is too early to know what are the changes going to involve, but the devs are aware of the situation and we will monitor/test updates to see how they affect Sandboxie (if they affect it at all).
Regards,
Barb.-
It is too early to know what are the changes going to involve, but the devs are aware of the situation and we will monitor/test updates to see how they affect Sandboxie (if they affect it at all).
Regards,
Barb.-
-
- Sandboxie Lead Developer
- Posts: 1638
- Joined: Fri Jan 17, 2014 5:21 pm
- Contact:
Re: Will Sandboxie Still Work with the Windows Kernel Overhaul?
According to the articles I have read, this fix for Windows 10 went into the Fast Ring in Nov. & Dec. There have been no problems detected with Sbie thus far.
Re: Will Sandboxie Still Work with the Windows Kernel Overhaul?
Wonderful to know! Thank you so much for the prompt and direct reply.
Keep up the fantastic work!
Keep up the fantastic work!
Intel CPU Vulnerability. Am i secure with a Sandboxed Web-Browser?
Hi,
am i secure when i run my browser inside sandboxie?
am i secure when i run my browser inside sandboxie?
-
- Posts: 7
- Joined: Thu Jan 04, 2018 6:52 am
Re: Intel CPU Vulnerability. Am i secure with a Sandboxed Web-Browser?
AFIK: the vulnerability effects the Kernel and is at BIOS level, so probably not.
Although it is said that private/non-cloud users probably won't be targeted by bad guyys.
Although it is said that private/non-cloud users probably won't be targeted by bad guyys.
-
- Sandboxie Support
- Posts: 2337
- Joined: Mon Nov 07, 2016 3:10 pm
Re: Will Sandboxie Still Work with the Windows Kernel Overhaul?
Moved the posts related to KB4056897 here :
viewtopic.php?f=17&t=25290
The devs have been made aware.
Regards,
Barb.-
viewtopic.php?f=17&t=25290
The devs have been made aware.
Regards,
Barb.-
Re: Intel CPU Vulnerability. Am i secure with a Sandboxed Web-Browser?
They are now saying that it can be exploited also from web pages, and both chrome and firefox are vulnerable.Sandcastle wrote: ↑Thu Jan 04, 2018 8:23 amAFIK: the vulnerability effects the Kernel and is at BIOS level, so probably not.
Although it is said that private/non-cloud users probably won't be targeted by bad guyys.
So the question comes back: will sandboxing the browser protect from a web exploit of this type, which steals data from memory?
-
- Sandboxie Lead Developer
- Posts: 1638
- Joined: Fri Jan 17, 2014 5:21 pm
- Contact:
Re: Intel CPU Vulnerability. Am i secure with a Sandboxed Web-Browser?
We are still investigating these issues. Since these are hardware problems that bypass Windows entirely, I doubt they can be stopped by sandboxing. Most likely these can only be mitigated by Windows kernel patches (i.e. Microsoft).
There is no reason to panic. There is no known exploit of this bug in the wild, and MS patches are being distributed now.
Re: Will Sandboxie Still Work with the Windows Kernel Overhaul?
Can somebody explain this? For example, some malicious process started in SB and via Meltdown exploit read my memory. If I terminate all process in this sandbox is I'm safe from this moment? can some processes exist only in memory after killing all processes in sandbox or i need restart pc?
Re: Will Sandboxie Still Work with the Windows Kernel Overhaul?
While not exactly what you asked about, Please see: viewtopic.php?f=17&p=131781#p131781danicx wrote: ↑Sat Jan 06, 2018 9:24 amCan somebody explain this? For example, some malicious process started in SB and via Meltdown exploit read my memory. If I terminate all process in this sandbox is I'm safe from this moment? can some processes exist only in memory after killing all processes in sandbox or i need restart pc?
More particularly I haven't been able to test it properly and I AM NOT A MALWARE PRO but it seems to be possible for an offending process (or script) to run [given normal limits] within the sandbox and any other 'allowed' exe to then make use of such exploits via JS. While the Spectre exploit in particular seems difficult to reproduce\achieve atm, the meltdown exploit (to my limited knowledge) is partly taken care of via the OS updates with winblows and we should just be waiting on the hardware vendors (which may never update old stuff) to enable the changes via a bios/uefi update.
I'm not normally a cross my fingers type of person but sadly without more info, that is now what I am down to at the moment like everyone else.
The spectre side still has me wondering atm but if it helps the beer hasn't been thrown too far yet.
More generally, yes, if all offending processes are killed then the threat *should be over* by that point. Please take into account I'm not a programmer and I'm tooting outta an unsecured hole....and I'm almost always intoxicated...geesh I sound rather untrustworthy all the sudden!
Goo.gl/p8qFCf
Who is online
Users browsing this forum: No registered users and 1 guest