| The focus of this release is to improve usability and here are the changes: |
Improved Usability with Clipboard Based Protection:
Earlier you could not copy-paste in and out of Sandboxed applications. We have made two changes in this regard:
a - You should be able to copy text from sandboxed application to outside Sandbox. This is by default.
b- If you want to paste text from application running outside sandbox in application running inside sandbox, we have added a new check box in Sandbox Settings as "Enable clipboard access to Sandboxed applications", de-selected by default, as we don't want a Sandboxed applications to have access to passwords from outside. So if you want to paste text in a sandboxed application, you can select check box and be able to paste in.
Improvised message for possible file-less malware cases:
We introduced support of file-less malware in v594 in similar fashion as we have in CIS. But as one of CIS users pointed here, he didn't have enough information to act on alert.
So we have improved message and user will know as exactly what was the application that executed another application and passed command line params. Please see attached snaps of alert. We are further working in this area to auto analyze and block true cases of file-less malware.
Improvised handling of sandboxed PDF cases:
We had two problems in there:
a. When PDf executed in Sandbox, e.g. launched from email client, user had no idea as why pdf will be Sandboxed.
b. When PDF running in Sandbox is saved, it ended up saved as in Sandbox itself, so user could not find it. And it could be very confusing.
In this release, we have improvised the message user sees when pdf is sandboxed and also, in case you save PDF, it will always be saved outside Sandbox. The reason is, if you trust the PDF, natural reaction would be to save it, that means user trusts the PDF.