added missing localization to generic list commands.
fixed MSI instalelr issue, not being able to create "C:\Config.Msi" folder on windows 20H2.
fixed unavailable options are not properly disabled when sandman is not connected to the driver.
fixed some box option checkboxes were not properly initialized.
fixed failed check for running processes when performing snapshot operations.
fixed hooking issues SBIE2303 with chrome, edge and possibly others.
this allowed some system options to be changed, to disable filtering use "OpenLsaEndpoint=y"
fixed CVE-2019-13502 "\RPC Control\LSARPC_ENDPOINT" is now filtered by the driver (thanks Diversenok).
fixed issues with dynamic IPC port handling that allowed to bypass IPC isolation.
fixed a critical issue that allowed to create processes outside the sandbox (thanks Diversenok).
Improved Resource Monitor status strings.
Note: this option is not compatible with "ProtectRpcSs=y" and takes precedence! However not granting them a system token in the first place removes possible exploit vectors Note: sandboxed services with a system token are still sandboxed and restricted use "RunServicesAsSystem=y" to enable the old legacy behavior
Changed Emulated SCM behavior, boxed services are no longer by default started as boxed system.
added more compatybility templates (thanks isaak654).
added "StartProgram=", "StartService=" and "AutoExec=" options to the SandMan UI.
added overwrite prompt when recovering an already existing file.
the filter can be disabled with "OpenPrintSpooler=y"
added print spooler filter to prevent printers from being set up outside the sandbox.
those resources are open by default but for a hardened box its desired to close them
added new isolation options "ClosePrintSpooler=y" and "OpenSmartCard=n".
old legacy behavior can be enabled with "StripSystemPrivileges=n" (absolutely NOT Recommended) with those a process could atempt to bypass the sandbox isolation (thanks Diversenok)
Sandboxie now strips particularly problematic privileges from sandboxed system tokens.
If you have issues with an update installation, just uninstall the previous version keeping the sandboxie.ini and reinstall the new build. For further details please review the change log below. It is highly advised to upgrade quickly to the new builds. Urgent security fixes (thanks diversenok)īuild 5.46.0 resolves many box isolation issues some of them critical that could allow rogue applications to escape the sandbox.
0 kommentar(er)
