Sanboxie and Windows Vista

Hi all,

I've read a lot about the Sanboxie hype here and even when I don't use it I'm curious thus I've got a couple of questions about it.

First: I know under Windows Vista, IE8 [or IE7] runs in so called “Protected Mode” which means it runs with lower privileges even when you might be logged in as an Administrator. That in turn lowers the probability of executing some malware that could affect your operating system as you browse the Net.

Windows XP is a different story. If you are logged in as an Administrator on this OS, then everything from the IE browser to windows explorer run with the highest privileges.

To me, it makes sense running Sanboxie on Windows XP but, on Vista, I'm not sure about the added value it might have.

Lastly, my question is: Do you really need to run Sandboxie on Windows Vista to protect IE? If so, wouldn't this have conflicts with IE Protected Mode [UAC] ?

By the way, I run Windows Vista Business with SP-2.

Best regards,

Carlos

 

Hello,

Thanks for your reply.

Well, based on what you've written it might be worth giving Sandboxie a try even on Vista with all its protection.

Ok, I'll give it a go and I'll report back afterwards.


Kind regards,

Carlos

 

Running Internet explorer 7 through sandboxie on Vista would disable protected mode, but when I last tried Sandboxie with Internet explorer 8 in Vista the browser wouldn't load in the sandbox, it would load then disappear.

I personally just browse with Internet explorer 8, which I think offers enough security with Protected mode and smartscreen filter. I had always preferred firefox, but I got fed up with the bugs.

 

You're right. Running IE in Sandboxie will make IE start with Protected Mode disabled.
When I asked Tzuk about it, I was told that it conflicts with IE's sort of sandbox provided by Protected Mode.

But, Sandboxie also offers the option to run IE with lower rights.

My question would be: Would it be possible (nothing's impossible) for some malware attack your system through IE, while sandboxed, and then there's not even Protected Mode there to protect you? At least, if Protected Mode still worked, it would be one more line of defense standing there.

So far, from all sandboxing alike tools I've tried, Sandboxie is the only conflicting with it.

The problem with IE 8 and Sandboxie has been solved. I also had it.

One other thing I've found to be quite annoying in Sandboxie, is that, if you set it to only allow IE, Firefox, Opera, etc to be the only applications to run in it's respective sandbox, then errors will start to appear, even if you set it not to display errors. Some still display, like dllhost.exe, which then will result in displaying a COM Surrogate error message. This happens when trying to save contents to Desktop. Its annoying. By supressing all error messages, they all should disappear. Wouldn't it be the purpose?

I guess I'll be getting in touch with Tzuk.

 

To be honest if you have any plans of moving to 64 bit like most people (Windows 7) I would steer clear of Sandboxie. It's hard to get rid of after you're used to using it.