From 69dc9a18dd67a6d9852f16958b22969fecef95da Mon Sep 17 00:00:00 2001
From: DavidXanatos <3890945+DavidXanatos@users.noreply.github.com>
Date: Tue, 13 Feb 2024 17:34:25 +0100
Subject: [PATCH] 1.13.1

---
 CHANGELOG.md                  |  1 +
 Sandboxie/core/drv/dyn_data.c | 24 ++++++++++++++++++++++--
 Sandboxie/core/drv/process.c  |  2 +-
 3 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 67b93a2e..1fe39849 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 
 ### Fixed
 - added missing checkbox for api tracing
+- fixed incompatybility with windows ARM64 insider build 26052 and later
 
 ### Changed
 - changed DynData format to add flags
diff --git a/Sandboxie/core/drv/dyn_data.c b/Sandboxie/core/drv/dyn_data.c
index 35d9b73f..99e0a166 100644
--- a/Sandboxie/core/drv/dyn_data.c
+++ b/Sandboxie/core/drv/dyn_data.c
@@ -96,13 +96,33 @@ _FX NTSTATUS Dyndata_InitDefault(PSBIE_DYNDATA* pDefault, ULONG* pDefaultSize)
 
 #ifdef _M_ARM64
 
-#define DATA_COUNT 2
+#define DATA_COUNT 3
 
     INIT_DATA(IMAGE_FILE_MACHINE_ARM64, DATA_COUNT)
 
     BEGIN_DATA
 
-    // todo
+    // 22000+ - ... // W11 - ...
+    Data->OsBuild_max = WIN11_LATEST;
+    Data->OsBuild_min = SVR2025;
+
+    Data->Clipboard_offset = 0x80;
+
+    Data->ImpersonationData_offset = 0x518;
+
+    Data->RestrictedSidCount_offset = 0x80;
+    Data->RestrictedSids_offset = 0xA0;
+    Data->UserAndGroups_offset = 0x98;
+    Data->UserAndGroupCount_offset = 0x7c;
+
+    Data->Flags2_offset = 0x1E0;
+    Data->MitigationFlags_offset = 0xA90;
+    Data->SignatureLevel_offset = 0x938;
+
+    Data->ServiceTable_offset = -1;
+    //
+
+    NEXT_DATA
 
     // 22000+ - ... // W11 - ...
     Data->OsBuild_max = 26020;
diff --git a/Sandboxie/core/drv/process.c b/Sandboxie/core/drv/process.c
index 93f21de5..8fa2065f 100644
--- a/Sandboxie/core/drv/process.c
+++ b/Sandboxie/core/drv/process.c
@@ -810,7 +810,7 @@ _FX PROCESS *Process_Create(
     // and isseu a security warning MSG_1207
     //
 
-    if (!Dyndata_Active) {
+    if (!Dyndata_Active && !proc->bAppCompartment) {
 
         proc->bAppCompartment = TRUE;