Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer. Version 3.44 reintroduces support for 64-bit Windows.
The red arrows indicate changes flowing from a running program into your computer. The box labeled Hard disk (no sandbox) shows changes by a program running normally. The box labeled Hard disk (with sandbox) shows changes by a program running under Sandboxie. The animation illustrates that Sandboxie is able to intercept the changes and isolate them within a sandbox, depicted as a yellow rectangle. It also illustrates that grouping the changes together makes it easy to delete all of them at once.
Starting with version 3.44, Sandboxie offers full support for 64-bit editions of Windows Vista with Service Pack 1, and Windows 7.
The downloadable installer package SandboxieInstall.exe contains both 32-bit and 64-bit editions of Sandboxie. To install Sandboxie, simply run the installer package, and it will automatically select the appropriate edition of Sandboxie.
Note that some editions of 64-bit Windows 7 can also run the 32-bit edition of Sandboxie in Windows XP Mode.
The 64-bit edition of Sandboxie is somewhat disadvantaged in terms of security compared to the 32-bit edition of Sandboxie.
The disadvantage is a result of a component present in all versions of 64-bit Windows, called Kernel Patch Protection. While the stated purpose of this component is to enhance system integrity and stability, a side effect of its operation is hindering flexibility and innovation by third-party developers. Please read the section below for more information.
It should be noted, however, that even with this disavantage, the 64-bit edition of Sandboxie is still an adequate front line of defense against most types of malicious software.
Additionally, in order to compensate for this disadvantage, the 64-bit edition of Sandboxie enables the Drop Rights setting by default. This setting may need to be disabled before software can be installed into a sandbox.
About Kernel Patch Protection (PatchGuard)
In 64-bit editions of the Windows platform, Microsoft has extended the core of the operating system, the kernel, in such a way that it routinely performs self-checks to detect any tampering. This self-checking component is officially called Kernel Patch Protection and commonly referred to as PatchGuard.
The software isolation provided by Sandboxie is not supported by the Windows kernel, so Sandboxie must make some changes to the kernel to implement the isolation features. This is detected by PatchGuard as tampering, and so the system crashes soon after Sandboxie is installed.
Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.
Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don't leak into Windows.
Secure E-mail: Viruses and other malicious software that might be hiding in your email can't break out of the sandbox and can't infect your real system.
Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.
Full support for 64-bit Windows. - Single installation EXE contains both 32-bit and 64-bit editions of Sandboxie.
Sandboxie - 64bit software