Sandboxie-Plus Features

Rule Specificity -> data protection *

  • With this option rules are prioritized based on their specificity (see changelog/docs for details) this way sub paths can be readable/writeable while parent parts are still protected. With this applying a preset rule collection all locations potentially containing personal data can be protected. Applications running in boxes with personal data protection will see an empty PC with no user data on it.

Compartment Mode *

  • This mode is intended to optimize compatibility at the cost of security, here sandboxie’s token-based isolation scheme is not used. Isolation is limited to the FS minifilter as well as registry and object callbacks. This has the potential to greatly improve compatibility with variouse applications.

WFP (Windows Filtering Platform) support

  • With this feature Sandboxie can be like an application firewall which applies the rules on a per box bases allowing the same application access to the internet in one box while blocking it in another.

Windows 11 context menu integration

Process/Thread handle filtering (obCallbacks)

  • Using this mechanism greatly improves on isolation of processes and provides enhanced security.

Win32 syscall hooking

  • With this feature win32 sys calls can get the same treatment as NT sys calls which helps with graphics and hw acceleration.

    New UI with dark mode and much more

  • Sandboxie-Plus bring an entirely new Qt based UI sandman.exe
  • Customizable per box run menu
  • Global hotkey to terminate all boxes
  • INI section editor for easy configuration of advanced options
  • Box event triggers/scripts
  • Ability to stop selected applications from running globally, regardless of box presets


  • Sandboxie-Plus can create box snapshots, with them it is possible to easily revert a box to a defined previous state.
  • Box set to auto delete will when available auto revert to the last snapshot allowing to benefit from a fresh clean box each time but with some preset configuration

Enhanced debug/trace monitor

Fake admin privileges

  • Allows to make all processes in a box think thay have admin permissions and act accordingly, without the potential draw backs of granting them admin permissions

Box size monitor

  • Monitor and list box size in an own column

Start Menu integration

  • Integrate start menu entries from sandboxes into the host start menu

Security enhanced sandboxes *

  • Restrict syscall elevation to approved known safe / filtered sys calls
  • Limit access to device endpoints to known safe / filtered endpoints

Sandbox SID isolation

  • Instead of using anonymous login SID use per box custom SID’s like Sandboxie/DefaultBox this way processes from separate boxes won’t be able accessing each other’s resources.

ARM64 support for windows 11 *

  • Support ARM64 natively
  • Support emulated x86
  • Support emulated x64 (ARM64EC)

A lot of security fixes

  • FIXED: memory of unsandboxed processes can no longer be read, exceptions can be configured
  • FIXED: NtCreateSymbolicLinkObject was not filtered (thanks Diversenok)
  • FIXED: in certain cases, a sandboxed process could obtain a handle on an unsandboxed thread with write privileges
  • FIXED: Hard link creation was not properly filtered (thanks Diversenok)
  • FIXED: when starting COMSRV unboxed, the returned process handle had full access
  • FIXED: the HostInjectDll mechanism allowed for local privilege escalation (thanks hg421)
  • FIXED: elevated sandboxed processes could access volumes/disks for reading (thanks hg421)
  • FIXED: a race condition in the driver allowed to obtain an elevated rights handle to a process (thanks typpos)
  • FIXED: "\RPC Control\samss lpc" is now filtered by the driver (thanks hg421)
  • FIXED: "\Device\DeviceApi\CMApi" is now filtered by the driver (thanks hg421)
  • FIXED: the registry isolation could be bypassed, present since Windows 10 Creators Update
  • FIXED: a Sandboxed process could start sandboxed as system even with DropAdminRights in place
  • FIXED: Sandboxie now strips particularly problematic privileges from sandboxed system tokens
  • FIXED: added print spooler filter to prevent printers from being set up outside the sandbox
  • FIXED: processes could spawn processes outside the sandbox (thanks Diversenok)
  • FIXED: bug in the dynamic IPC port handling allowed to bypass IPC isolation
  • FIXED: CVE-2019-13502 "\RPC Control\LSARPC_ENDPOINT" is now filtered by the driver (thanks Diversenok)
  • FIXED: fixed permission issues with sandboxed system processes
  • FIXED: fixed missing SCM access check for sandboxed services (thanks Diversenok)
  • FIXED: sandboxed processes could obtain a write handle on non-sandboxed processes (thanks Diversenok)
  • Features only available with a valid supporter certificate