Sandboxie Support

Combined 32/64 installer:
http://www.sandboxie.com/SandboxieInstall-415-12.exe

Separate:
http://www.sandboxie.com/SandboxieInstall32-415-12.exe
http://www.sandboxie.com/SandboxieInstall64-415-12.exe

Fixes in 4.15.12

1) KB3031432 in Win 8-64 causes Chrome-64 to crash.
2) Sbie now detects when a sandboxed application starts WerFault.exe because it has crashed, and gives WerFault plenty of time to create a crash DMP file.

WerFault has a couple of flaws. It doesn't create the crash DMP until the user presses OK on the crash popup dialog box. If the user does not respond quickly, the crashed application will exit memory and the DMP cannot be created. So now Sbie disables the WerFault dialog box and issues its own SBIE2224 "Sandboxed program has crashed". WerFault also must be given enough time to do various Internet activities before the application exits.

Fixes in 4.15.11

The only change in this beta is to diagnose these 2 error messages:
SBIE2205 Service Not Implemented: LoadedModules
SBIE2205 Service Not Implemented: NtCreateProcessEx (xxxx)

I added an error code to the LoadedModules error. I believe the NtCreateProcessEx error is masking the real problem, which is a crash in the sandboxed application. So I removed it.
Now whatever application is crashing should reveal itself and we can diagnose the problem.

Fixes in 4.15.10

1) Outlook 2013 crash at start fixed
2) Excel 2013 would remain in memory after program exit.

Fixes in 4.15.9

1) Hooking crash in Win 8.0 fixed

Fixes in 4.15.8

1) Fixed another Dll Initialization Failed issue
2) Error SBIE2101 now gives more information.
3) Increased named pipe timeout from 3 seconds to 10 seconds to eliminate SBIE2101 error.
4) A security problem reported by a user has been fixed (details when 4.16 is released).

Fixes in 4.15.7

1) Fixed a DLL Initialization Failed error 0x0C0000142 with Chrome and possibly other 32 bit applications (hooking conflict).
2) Removed Avast from the list of known conflicts in templates.ini. This means Sandboxie will no longer popup the dialog box telling you to "review the Known Conflicts page..." when Avast is detected.

Fixes in 4.15.6

1) Certificate revocation information is sometimes unavailable. IE occasionally pops up dialog "Revocation information for the security certificate for this site is not available. Do you want to proceed?"
2) Win 8.1 KB3000850 affected Office 2013 (and possibly other apps). Sandboxie would issue error SBIE2205 Service not Implemented: LoadedModules.
3) Added OpenIpcPath=*\BaseNamedObjects*\FntCache to templates.ini to eliminate more font cache problems.
4) Added ClosedFilePath=%SystemRoot%\System32\IDStore.dll & ClosedFilePath=%SystemRoot%\System32\wlidprov.dll to templates.ini to eliminate Windows Live problems.


Fixes in 4.15.5

1) More hooking code fixes.
2) Fixed drag/drop crash in Chrome

Fixes in 4.15.4

1) Several problems fixed in new hooking code. Win 8.1-64 explorer.exe menu problem fixed.


Fixes in 4.15.3

1) Several problems fixed in new hooking code.


Fixes in 4.15.2

1) More changes to hooking code. If you have been having problems with starting applications (particularly games) under Sandboxie, see if this fixes the problem.

2) Chrome should now be able to create dump files (DMP) if it crashes. If you have been crashing with dropped rights in Chrome, see if there are DMP files in C:\Sandbox\<user>\DefaultBox\user\current\AppData\Local\CrashDumps.

Fixes in 4.15.1

1) Major redesign of hooking/injection code. ASLR is now enabled for 64 bit (it was already enabled for 32 bit).

2) VC Redistributables are no longer downloaded by the combined 32/64 installer. The required VC DLLs are now included in the installer binary (which is why it is much larger now).

Thanks for the update.

Thank you and like the implementation of ASLR for my Windows 64-bit system !

I had my fingers crossed when I saw this new beta posted but I am still getting the following error when launching Chrome (Version 38.0.2125.111 m) with Drop Rights enabled:

The system isn't giving me the option to attach a screenshot - here is the text:

---------------
Windows Application Error

The instruction at 0x5856632e referenced memory at
0x00000001c. The memory could not be read.

Click on OK to terminate the program.
---------------

Clicking OK results in the "Aw, Snap!" Chrome error message.

Chrome seems to work fine if "Drop Rights" is not selected.

This problem still exists:
http://forums.sandboxie.com/phpBB3/view ... 29#p104529
Kind of bypass. :(

Thanks Curt...

4.15.1 feels good (W7 and XP 32 bits), Curt.

Bo

Julian wrote:This problem still exists:
http://forums.sandboxie.com/phpBB3/view ... 29#p104529
Kind of bypass.

It's not a bypass. It's how IDM implement it. IDM is using Windows Filtering Platform which inspect packet and when a pattern is a matched it captures the download. My guess is you're using the older version. Try using the latest, I think there are some mechanism and changes made.

How is this supposed to be possible when IDM process is not running?

Julian wrote:How is this supposed to be possible when IDM process is not running?

It is a kernel driver that is loaded by service control manager upon windows start. Basically it can monitor, modify, capture, intercept the packet before it reaches destination. That means if you're using firefox sandboxed or unsandboxed for downloading and if the packet matches the pattern it can intercept before it reaches firefox browser and IDM download begins. But as I have said there are mechanisms involved using their advanced browser integration that may change it behavior.

Windows 8 x64 / IE10

When launching IE sandboxed:

The instruction at 0xa9b11b4e referenced memory at 0xffffffff. The memory could not be read. Click OK to terminate the program.

followed by:

The instruction at 0xa9b16013 referenced memory at 0xcc5177d0. The memory could not be written. Click OK to terminate the program.

After reverting back to 4.14, no problems.

4.15.2 is available. Hopefully, we can get some DMP files for the Chrome crash with dropped rights and find out what is going wrong.

RonR wrote:Windows 8 x64 / IE10

When launching IE sandboxed:

The instruction at 0xa9b11b4e referenced memory at 0xffffffff. The memory could not be read. Click OK to terminate the program.

followed by:

The instruction at 0xa9b16013 referenced memory at 0xcc5177d0. The memory could not be written. Click OK to terminate the program.

After reverting back to 4.14, no problems.

Problem has changed with 4.15.2 (see attachment)

After reverting to 4.14, all is well again.

I tried to reproduce the drop rights issue today in Google Chrome using 4.15.1 in Windows 8.1 and fortunately I was able to. This drop rights issue more likely to occur on windows 7 when UAC is set to "Never notify" than in windows 8. As I could remember when I was using Windows 7 the behavior of UAC changes in windows 8. In Windows 7 when UAC is set to "Never notify" all running application will have an elevated privileges while in Windows 8 even set to "Never notify" you need to right-click -> "Run as administrator" to run in elevated privileges.

To reproduce drop rights issue in Windows 8. Since right-click -> "Run Sandboxed" will not give you the option to attempt to elevate the process you need to enable "Force Google Chrome to run in this sandbox" after that, right-click Google Chrome -> "Run as administrator" then try to browse then the error comes.

Not sure why you expect DMP if it is not 'chrome has stopped working' or 'Whoa! Google Chrome has crashed'. Who the hell have UAC enabled Masochists?