SBIE2205 Error

Hello

I am getting this error, maybe is because the new option "Tell websites not to sell or share my data" or for the FF latest version

Only God knows





Firefox v120.0
SBIE+ v1.11.4
Ms Win 10 v22H2 (OS Build 19045.3693)

Thanks
Camelia

 

Confirmed. I have the same issue with the latest version of Firefox 120.0. I think it's related to the new setting 'Allow Firefox to automatically trust third-party root certificates you install' in Settings>Privacy & Security>Certificates which is 'On' by default for all users.

The release notes for version Firefox 120.0 states the following:

Firefox now imports TLS trust anchors (e.g., certificates) from the operating system root store. This will be enabled by default on Windows, macOS, and Android, and if needed, can be turned off in settings (Preferences → Privacy & Security → Certificates).

Sandboxie Plus 1.12.0 (64-bit)
Firefox 120.0 (64-bit)
Windows 10 22H2 (64-bit)

 

Use Sandboxie version v1.12.1 / 5.67.1 or higher.


Disable credit card autofill.

Code:

https://support.mozilla.org/kb/credit-card-autofill

OR

If you are using autofill, add the following to your sandbox configuration.

Code:

OpenCredentials=y

 

@busy - Sorry for the late reply. I've been putting up Christmas lights for the holiday season. Anyway, OpenCredentials=y worked. By the way, I'm not using autofill and have it completely disabled. It's definitely related to the certificate setting 'Allow Firefox to automatically trust third-party root certificates you install'.

 

Ok, maybe @DavidXanatos knows about this bug, I will wait until the next update

Firefox v120.0 (64-bit)
SBIE+ v1.12.0 (64-bit)
Ms Win 10 v22H2 (OS Build 19045.3693) (64-bit)

Thanks
Camelia

 

I also get this error message from time to time. However, all 3 options mentioned here are disabled in my Firefox. Therefore it seems to be caused by another change in Firefox v120.

I don't necessarily want to allow "OpenCredentials=y" and hope for another solution.

 

Glad to see this post. Since updating FF I am seeing this continually when I close FF. Would like to stop this.

 

will look into it ASAP

 

Add me to the list of folk getting this message.
Thanks, David.
Acadia

 

Thanks

 

Hi, so does adding "OpenCredentials=y" to "Sandboxie.ini" open a window through sandbox for things saved to "Control Panel\All Control Panel Items\Credential Manager"? I have disabled Firefox updates and won't update to v120 for now, I don't think it's a problem to wait for a while.

 

try: https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.12.1

 

The error message no longer appears. Thank you for the quick fix.

 

Same with me - just started with FF 120...

 

This is the first update that Virus Total detects 3 False Positives

#FP Bkav / Pro W32.AIDetectMalware -
#FP Ikarus / Trojan-Downloader.Win32.Generic -
#FP Rising / Trojan.Generic@AI.85 (RDML:4OAAh2CgXvZ

Sha256: 14b65aff41cb68c170f936218f2664ffd9f8e9887a498e5d76d953b56f24e15b

Could be because the latest version https://github.com/sandboxie-plus/Sandboxie/releases/download/v1.12.1/Sandboxie-Plus-x64-v1.12.1.exe
is unsigned?

Thanks
Camelia

 

@DavidXanatos , the fix unfortunately has a small side effect. If a sandboxed Acrobat Reader is closed under the current version 1.12.1, the following error message is now always displayed:

Code:

Acrobat.exe: SBIE2205 Dienst nicht implementiert: CredEnumerateA

(https://github.com/sandboxie-plus/Sandboxie/issues/3441#issuecomment-1826280016)

 

Fixed with version 1.12.2, thank you.

 

Check the Github-pages of Sandboxie. It tells you if a new version is Stable (signed) or a Pre-release (unsigned).

Example: https://github.com/sandboxie-plus/Sandboxie/releases

 

Release v1.12.2 / 5.67.2 - VT 3/71 - November 29, 2023
#FP Bkav Pro / W32.AIDetectMalware #FP Ikarus / Trojan-Downloader.Win32.Generic #FP SecureAge / Malicious
https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.12.2
https://github.com/sandboxie-plus/Sandboxie/releases/download/v1.12.2/Sandboxie-Plus-x64-v1.12.2.exe

Thanks
Camelia

 

Quote from the release text: "This is a unsigned pre-release build, a final build is scheduled for the end of this week."

Certain virus scanners always issue a warning for unsigned files. Here you have to decide for yourself whether you believe warnings from such insignificant virus scanners.

 

@camelia When you post every time VT has one FP for sandboxie this will be a long thread

For unsigned files VT has a high chance to flag files. Even for fully singed files there are a lot that have 1-2 FP on VT. It will be up to you then to decide what to do. Trust that the two (most of the time unknown AV engines) are right or all the others wrong.
If you still feel unsure you could report it as a FP to the AV vendor flagging the file.

Edit for example:
Just take the latest Glasswire file 8ee2a3aebc0d923c05f6818bd7556da8b55eeaa1a8808f4c11d354782f4909c3. It's signed, the SHA 256 matches the one the devs published and VT is showing it 2/57. Like I said it's up to you to decide then.

 

And this is something she clearly doesn't understand

 

and thus she already got a recommendation to ignore VT.

 

I do understand, I am only posting and reporting what I found... what is wrong with that?

Thanks
Camelia

 

you ask us whats wrong with files?
you did not understood until now whats wrong with VT for you!