Does Sandboxie Protect Kernel ?

arran · Post by **arran** » Fri Dec 02, 2016 3:19 pm

I remember reading that due to microsoft 64 bit patch guard Sandboxie is no longer able to block Kernel exploits is this true?

like this
https://labs.bromium.com/2013/07/23/app ... rspective/

and this recent attack
http://arstechnica.com/security/2016/11 ... d-in-2013/

What about using file folder rules to block access to the kernel32.dll file?

Curt@invincea · Post by **Curt@invincea** » Fri Dec 02, 2016 4:19 pm

This has been discussed quite extensively. http://forums.sandboxie.com/phpBB3/view ... 3&p=103163

And, no, you cannot block the kernel with Sbie. At any rate, kernel32.dll is not part of the kernel. It contains the user mode APIs that interface to the kernel.

Peter2150 · Post by **Peter2150** » Sat Dec 03, 2016 8:36 am

Where does the arstechnica article say Sandboxie was bypassed?

Curt@invincea · Post by **Curt@invincea** » Sat Dec 03, 2016 5:09 pm

Peter2150 wrote:Where does the arstechnica article say Sandboxie was bypassed?

It didn't. And that wasn't even a kernel exploit.

Peter2150 · Post by **Peter2150** » Mon Dec 05, 2016 10:48 am

I didn't think so. Don't see why OP linked that article

Sandboxie Support

Does Sandboxie Protect Kernel ?

Does Sandboxie Protect Kernel ?

Re: Does Sandboxie Protect Kernel ?

Re: Does Sandboxie Protect Kernel ?

Re: Does Sandboxie Protect Kernel ?

Re: Does Sandboxie Protect Kernel ?

Who is online