diff --git a/CHANGELOG.md b/CHANGELOG.md
index be58b919..5a08dc78 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,11 +9,15 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [1.12.3 / 5.67.3] - 2023-11-
 
+### Added
+- added template to add usefull exclusions to confidential boxes
+
 ### Fixed
 - FIXED SECURITY ISSUE ID-23 SeManageVolumePrivilege is now blocked, as it allowed to read MFT data (thanks Diversenok)
 - fixed Program launch when forcing prcesses into a confidential box [#3173](https://github.com/sandboxie-plus/Sandboxie/issues/3173)
 
 
+
 ## [1.12.2 / 5.67.2] - 2023-11-
 
 ### Added
diff --git a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
index 0a56243c..6f980e79 100644
--- a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
+++ b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
@@ -1349,54 +1349,7 @@
             <layout class="QGridLayout" name="gridLayout_83">
              <item row="0" column="0">
               <layout class="QGridLayout" name="gridLayout_82">
-               <item row="8" column="2">
-                <widget class="QCheckBox" name="chkShowHostProcTmpl">
-                 <property name="text">
-                  <string>Show Templates</string>
-                 </property>
-                </widget>
-               </item>
-               <item row="2" column="1">
-                <widget class="QCheckBox" name="chkConfidential">
-                 <property name="text">
-                  <string>Protect processes within this box from host processes</string>
-                 </property>
-                </widget>
-               </item>
-               <item row="7" column="2">
-                <spacer name="verticalSpacer_31">
-                 <property name="orientation">
-                  <enum>Qt::Vertical</enum>
-                 </property>
-                 <property name="sizeHint" stdset="0">
-                  <size>
-                   <width>20</width>
-                   <height>40</height>
-                  </size>
-                 </property>
-                </spacer>
-               </item>
-               <item row="3" column="2">
-                <spacer name="verticalSpacer_40">
-                 <property name="orientation">
-                  <enum>Qt::Vertical</enum>
-                 </property>
-                 <property name="sizeHint" stdset="0">
-                  <size>
-                   <width>20</width>
-                   <height>40</height>
-                  </size>
-                 </property>
-                </spacer>
-               </item>
-               <item row="9" column="2">
-                <widget class="QPushButton" name="btnDelHostProcess">
-                 <property name="text">
-                  <string>Remove</string>
-                 </property>
-                </widget>
-               </item>
-               <item row="1" column="1">
+               <item row="1" column="2">
                 <spacer name="horizontalSpacer_19">
                  <property name="orientation">
                   <enum>Qt::Horizontal</enum>
@@ -1409,24 +1362,41 @@
                  </property>
                 </spacer>
                </item>
-               <item row="5" column="2">
-                <widget class="QPushButton" name="btnHostProcessAllow">
+               <item row="7" column="3">
+                <widget class="QPushButton" name="btnHostProcessDeny">
                  <property name="text">
-                  <string>Allow Process</string>
+                  <string>Deny Process</string>
                  </property>
                 </widget>
                </item>
-               <item row="4" column="0" colspan="2">
-                <widget class="QLabel" name="label_5">
-                 <property name="text">
-                  <string>Protect processes in this box from being accessed by specified unsandboxed host processes.</string>
+               <item row="8" column="3">
+                <spacer name="verticalSpacer_31">
+                 <property name="orientation">
+                  <enum>Qt::Vertical</enum>
                  </property>
-                 <property name="wordWrap">
-                  <bool>false</bool>
+                 <property name="sizeHint" stdset="0">
+                  <size>
+                   <width>20</width>
+                   <height>40</height>
+                  </size>
+                 </property>
+                </spacer>
+               </item>
+               <item row="10" column="3">
+                <widget class="QPushButton" name="btnDelHostProcess">
+                 <property name="text">
+                  <string>Remove</string>
                  </property>
                 </widget>
                </item>
-               <item row="5" column="0" rowspan="5" colspan="2">
+               <item row="11" column="0" colspan="4">
+                <widget class="QCheckBox" name="chkNotifyProtect">
+                 <property name="text">
+                  <string>Issue message 1318/1317 when a host process tries to access a sandboxed process/the box root</string>
+                 </property>
+                </widget>
+               </item>
+               <item row="6" column="0" rowspan="5" colspan="3">
                 <widget class="QTreeWidget" name="treeHostProc">
                  <property name="sortingEnabled">
                   <bool>true</bool>
@@ -1448,11 +1418,30 @@
                  </column>
                 </widget>
                </item>
+               <item row="4" column="3">
+                <spacer name="verticalSpacer_40">
+                 <property name="orientation">
+                  <enum>Qt::Vertical</enum>
+                 </property>
+                 <property name="sizeHint" stdset="0">
+                  <size>
+                   <width>20</width>
+                   <height>40</height>
+                  </size>
+                 </property>
+                </spacer>
+               </item>
+               <item row="9" column="3">
+                <widget class="QCheckBox" name="chkShowHostProcTmpl">
+                 <property name="text">
+                  <string>Show Templates</string>
+                 </property>
+                </widget>
+               </item>
                <item row="1" column="0">
                 <widget class="QLabel" name="lblBoxProtection">
                  <property name="font">
                   <font>
-                   <weight>75</weight>
                    <bold>true</bold>
                    <kerning>true</kerning>
                   </font>
@@ -1465,14 +1454,7 @@
                  </property>
                 </widget>
                </item>
-               <item row="10" column="0" colspan="3">
-                <widget class="QCheckBox" name="chkNotifyProtect">
-                 <property name="text">
-                  <string>Issue message 1318/1317 when a host process tries to access a sandboxed process/the box root</string>
-                 </property>
-                </widget>
-               </item>
-               <item row="0" column="0" colspan="3">
+               <item row="0" column="0" colspan="4">
                 <widget class="QLabel" name="label_52">
                  <property name="text">
                   <string>Sandboxie-Plus is able to create confidential sandboxes that provide robust protection against unauthorized surveillance or tampering by host processes. By utilizing an encrypted sandbox image, this feature delivers the highest level of operational confidentiality, ensuring the safety and integrity of sandboxed processes.</string>
@@ -1482,10 +1464,53 @@
                  </property>
                 </widget>
                </item>
-               <item row="6" column="2">
-                <widget class="QPushButton" name="btnHostProcessDeny">
+               <item row="6" column="3">
+                <widget class="QPushButton" name="btnHostProcessAllow">
                  <property name="text">
-                  <string>Deny Process</string>
+                  <string>Allow Process</string>
+                 </property>
+                </widget>
+               </item>
+               <item row="5" column="0" colspan="3">
+                <widget class="QLabel" name="label_5">
+                 <property name="text">
+                  <string>Protect processes in this box from being accessed by specified unsandboxed host processes.</string>
+                 </property>
+                 <property name="wordWrap">
+                  <bool>false</bool>
+                 </property>
+                </widget>
+               </item>
+               <item row="3" column="1">
+                <widget class="QLabel" name="label_47">
+                 <property name="minimumSize">
+                  <size>
+                   <width>20</width>
+                   <height>0</height>
+                  </size>
+                 </property>
+                 <property name="maximumSize">
+                  <size>
+                   <width>20</width>
+                   <height>16777215</height>
+                  </size>
+                 </property>
+                 <property name="text">
+                  <string/>
+                 </property>
+                </widget>
+               </item>
+               <item row="3" column="2" colspan="2">
+                <widget class="QCheckBox" name="chkLessConfidential">
+                 <property name="text">
+                  <string>Allow usefull windows processes access to protected processes</string>
+                 </property>
+                </widget>
+               </item>
+               <item row="2" column="1" colspan="3">
+                <widget class="QCheckBox" name="chkConfidential">
+                 <property name="text">
+                  <string>Protect processes within this box from host processes</string>
                  </property>
                 </widget>
                </item>
diff --git a/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp b/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
index 516d9e63..6738b761 100644
--- a/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
+++ b/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
@@ -100,7 +100,8 @@ void COptionsWindow::CreateAdvanced()
 	connect(ui.btnHostProcessDeny, SIGNAL(clicked(bool)), this, SLOT(OnHostProcessDeny()));
 	connect(ui.btnDelHostProcess, SIGNAL(clicked(bool)), this, SLOT(OnDelHostProcess()));
 	connect(ui.chkShowHostProcTmpl, SIGNAL(clicked(bool)), this, SLOT(OnShowHostProcTmpl()));
-	connect(ui.chkConfidential, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged())); // todo norify premium feaure
+	connect(ui.chkConfidential, SIGNAL(clicked(bool)), this, SLOT(OnConfidentialChanged()));
+	connect(ui.chkLessConfidential, SIGNAL(clicked(bool)), this, SLOT(OnLessConfidentialChanged()));
 	connect(ui.chkNotifyProtect, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
 
 	connect(ui.treeInjectDll, SIGNAL(itemChanged(QTreeWidgetItem *, int)), this, SLOT(OnToggleInjectDll(QTreeWidgetItem *, int)));
@@ -252,6 +253,8 @@ void COptionsWindow::LoadAdvanced()
 	ShowHostProcTmpl();
 
 	ui.chkConfidential->setChecked(m_pBox->GetBool("ConfidentialBox", false));
+	ui.chkLessConfidential->setEnabled(ui.chkConfidential->isChecked());
+	ui.chkLessConfidential->setChecked(m_BoxTemplates.contains("LessConfidentialBox"));
 	ui.chkNotifyProtect->setChecked(m_pBox->GetBool("NotifyBoxProtected", false));
 
 
@@ -519,6 +522,17 @@ void COptionsWindow::OnSysSvcChanged()
 	OnOptChanged();
 }
 
+void COptionsWindow::OnConfidentialChanged()
+{
+	ui.chkLessConfidential->setEnabled(ui.chkConfidential->isChecked());
+	OnAdvancedChanged();
+}
+
+void COptionsWindow::OnLessConfidentialChanged()
+{
+	SetTemplate("LessConfidentialBox", ui.chkLessConfidential->isChecked());
+}
+
 void COptionsWindow::OnAdvancedChanged()
 {
 	m_AdvancedChanged = true;
diff --git a/SandboxiePlus/SandMan/Windows/OptionsWindow.h b/SandboxiePlus/SandMan/Windows/OptionsWindow.h
index 82159daf..27cde3c3 100644
--- a/SandboxiePlus/SandMan/Windows/OptionsWindow.h
+++ b/SandboxiePlus/SandMan/Windows/OptionsWindow.h
@@ -197,6 +197,8 @@ private slots:
 	void OnDelProcess();
 	void OnShowHiddenProcTmpl()		{ ShowHiddenProcTmpl(true); }
 
+	void OnConfidentialChanged();
+	void OnLessConfidentialChanged();
 	void OnHostProcessAllow();
 	void OnHostProcessDeny();
 	void OnDelHostProcess();