Release Notes
This is an experimental build it reworks and streamlines the hooking mechanism around SCM related functions which should improve compatibility with newer windows versions. The improved hooking mechanism allows for API call tracing without the need for LogAPI.dll.
This build adds compatibility with windows 11 insider build 26040, 26052 and later, and changes the way the driver handles offset dependent kernel object modifications, the new mechanism allows an offset configuration to be loaded from the registry such that it is possible to update the offsets without rebuilding the driver.
To improve system stability Sandboxie will no longer try to use old known offsets on newer yet not known kernel builds, except when the pc participates in the windows insider program, instead it will disable the token based security isolation and issue SBIE1207 indicating the insecure fallback mode of operation.
For a full list of changes and fixes please review the change log.
You can support the project through donations, any help will be greatly appreciated.