Discussion in 'sandboxing & virtualization' started by ad18, Dec 16, 2013.
Yes, 5.22 is the last version for XP:
Assuming they won't share code for special compiling?
Um, don't know what/when changed. I've removed Full Access *\mailslot\NVTInj\* in my sandboxes.
Exe Radar Pro 3.1 appears to communicate in my sandboxes.
...any confirm Full Access *\mailslot\NVTInj\* is no longer needed?
Edit: ERP appears to prompt for an application after that application is sandboxed by Sandboxie.
Maybe, that's not the same as communicating with an application.
Hi bjm. If the behavior of NVT is the same when it monitors programs running sandboxed as when they don't run sandboxed, then you don't need full access settings or compatibility settings. Even when these settings are available, if they are not needed, you are better off not using them.
The prompt you mention in the Edit kind of tells that NVT and SBIE are OK working along each other. What I would do if I was you is run a few programs, executables, and compare behavior. See if there is a difference in the prompts or behavior by NVT. I reckon there ought to be a difference when Sandboxie is added to the mix, but what is the difference, and does the prompt tell you anything that gives a clue of what you are actually running sandboxed? If it does, then I think you are OK (without using settings from the SBIE side).
for example: ExeRadarPro Alert Mode + call HitmanPro (not whitelisted) w/wo sandbox
...after reading message & message.
...thought I'd see how ExeRadarPro works without Full Access *\mailslot\NVTInj\* in my sandboxes.
Edit: any idea what the presumed compatibility template Full Access *\mailslot\NVTInj\* is/was supposed to satisfy?
Thanks a lot for the Info!
Hi majoMo. You can read the complete comment by Curt in the post below or click the link to his post at the Sandboxie forum without having to login there.
@ bo elam, I did that. Thanks!
Hey everyone: after ditching Firefox before due to mystery high CPU, I reinstalled it after this I Robot thing died down but high CPU from Firefox exe came back. So, based on some great user reports, I opted to try Yandex browser. After setting up a sandbox, I thought correctly, I'm getting this error 2203:
I checked for known conflicts--none, and read other posts in the Sbie forum on the error code and these were kind of left dangling. Any insights? I believe I added every Yandex folder from every space on C:
Edit: I tried this: Set Yandex as default browser and ran it under Default Box--very simplified, and got the same message, one after the other. I'm thinking there's incompatibility there. Should this be reported on the Sandboxie forum, you think? This browser looks promising, it might be worth it.
@plat1098 this alert, which has existed for years, is for almost every Chromium browser; there is no fix I know about, the only "solution" (which I don't like much but have to do) is to just hide this alert.
Hi plat1098, if Yandex works fine despite the message being issued, then it's OK to ignore it and Hide it. I used to get one like that for KMPlayer in XP, that didn't stop me from using the player. Everything worked the same as before I started getting the message.
Suggestion about Firefox. Try the 32 bits version of the browser, you might get a nice surprise.
Yep, five minutes after I posted, I took Yandex off, figuring there was something off there. Thanks for tip.
@bo elam: OK, will have to try that. Definitely worth a try. Otherwise 20% of a 4.0 GHz CPU for just one YouTube music tab and couple of static ones is absurd and suspicious, right? IE was using 4-5% for the same things, and much less RAM.
Security Update KB4056897 causes Sandboxie to be unusable. Had to uninstall the security update in order to use Sandboxie. https://forums.sandboxie.com/phpBB3/viewtopic.php?f=11&t=25290
Thanks for making us aware of it.
YW Mr. X
And now the first serious challenge for Sandboxie: can it protect a sandboxed browser against this CPU kernel attack? My opinion is no! I remember tsuk said a kernel attack might bypass sbie.
The sbie forum is silent about that question.
Also, Microsoft will patch the kernel, then sbie needs a new version (will need a lot of time) about this new patch.
In the meantime we are all vulnerable.
Sorry, typo, it's not a link.
I guessed right!
Post by Curt@invincea » Thu Jan 04, 2018 10:04 pm
shmu26 wrote: Thu Jan 04, 2018 7:46 pm
They are now saying that it can be exploited also from web pages, and both chrome and firefox are vulnerable.
So the question comes back: will sandboxing the browser protect from a web exploit of this type, which steals data from memory?
We are still investigating these issues. Since these are hardware problems that bypass Windows entirely, I doubt they can be stopped by sandboxing. Most likely these can only be mitigated by Windows kernel patches (i.e. Microsoft).
There is no reason to panic. There is no known exploit of this bug in the wild, and MS patches are being distributed now.
So guys, the end of security is here... until Microsoft finds a patch, but the total solution is for Intel to redesign the CPUs!
Let's pray to M$
Yeah like Intel ME is ever going to go away
5.23.3 is out:
Changes in 5.23.3
Fixed Win 7-64 Sbie driver load failure with KB4056897
I think we are as vulnerable today as we were a couple of days ago. No real difference.
The Windows update works fine with Sandboxie in W10, nothing appears to be broken. I tested everything I do sandboxed, all seems well.
About W7. My W7 is 32 bits, I am going to install Windows updates after updating Sandboxie to 5.23.3....and see what happens.
Well, the more the exploit is known as time passes the more bad people will try to attempt to use it.
Thanks MR. X I'll give it another try with the new update. Trying it in 7 64 bit Bo, will let y'all know what happens. EDIT: Updated Sandboxie to beta 5.23.3 64 bit and Reinstalled KB4056897 windows update and all are working well. Good job.
Updated one to 523.3/64 bit. Just have it on the browser for now as all these Windows/Intel issues are still swirling around. Plus, I don't feel like doing anything right now. Just grateful these machines sailed right thru this mess.