CredentialUIBroker.exe freezing while accessing Brave Browser password manager

[pulsarclarinetokrabee]

Describe what you noticed and did

1. Open Brave sandboxed
2. Open the Password manager (brave://password-manager/passwords)
3. Click add, then create an arbitrary password entry and save it
4. Click on the newly created entry, a Windows Safety dialog (CredentialUIBroker) should open asking for authentication
5. Upon clicking OK or trying to close the window, the dialog will freeze. Thus the editing the saved Brave passwords is not possible. The CredentialUIBroker has to be force closed

How often did you encounter it so far?

Always

Expected behavior

The authentication should behave the same as an unsandboxed Brave session.

Affected program

Brave Browser Version 1.65.123 Chromium: 124.0.6367.91 (Official Build) (64-bit)

Download link

https://laptop-updates.brave.com/download/BRV002?bitness=64

Where is the program located?

The program is installed only outside the sandbox.

Did the program or any related process close unexpectedly?

Yes, it did, but no .dmp file has been created in the system.

Crash dump

No response

What version of Sandboxie are you running now?

Sandboxie Plus 1.13.3

Is it a new installation of Sandboxie?

I have been using the same version for some time.

Is it a regression from previous versions?

Unknown. On Previous versions of Brave and Sandboxie it used to work, however it has been too long to pin point when the problem first started.

In which sandbox type you have this problem?

In a standard isolation sandbox (yellow sandbox icon).

Can you reproduce this problem on a new empty sandbox?

I can confirm it also on a new empty sandbox.

What is your Windows edition and version?

Windows 11 Pro 23H2 64bit

In which Windows account you have this problem?

A local account (Administrator).

Please mention any installed security software

none

Did you previously enable some security policy settings outside Sandboxie?

No

Trace log

No response

Sandboxie.ini configuration

[GlobalSettings]

Template=LogitechSetPoint
Template=Edge_Fix
Template=7zipShellEx
Template=WindowsRasMan
Template=SynapticsTouchPad
FileRootPath=T:\Sandbox\%SANDBOX%
ProcessGroup=<Customlibreoffice_DefaultBox>,libreofficewriterportable.exe,libreofficeportable.exe,soffice.exe,soffice.bin
EditAdminOnly=y
ForceDisableAdminOnly=y
ForceDisableSeconds=5901
TemplateReject=OfficeLicensing
TemplateReject=WindowsLive
TemplateReject=ObjectDock
ActivationPrompt=n
KeyRootPath=\REGISTRY\USER\Sandbox_%USER%_%SANDBOX%
IpcRootPath=\Sandbox\%USER%\%SANDBOX%\Session_%SESSION%
DefaultBox=Temporary

[Temporary]
Enabled=y
FileRootPath=R:\Sandbox\%SANDBOX%
BlockNetworkFiles=y
RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
RecoverFolder=%Personal%
RecoverFolder=%Desktop%
BorderColor=#02f6f6,off,6
Template=OpenBluetooth
Template=SkipHook
Template=FileCopy
Template=BlockPorts
Template=LingerPrograms
Template=AutoRecoverIgnore
ConfigLevel=10
UseFileDeleteV2=y
UseRegDeleteV2=y
AutoRecover=y
BlockInterferePower=n
ForceProtectionOnMount=n
DropAdminRights=y
IsProtectScreen=n
IsBlockCapture=n
DblClickAction=!browse
ClosePrintSpooler=y
BoxNameTitle=y

[offhub]

I can't reproduce this problem on Windows 11 23H2 (Hyper-V) or Windows 10 22H2. Please try with the latest release version.

sbieissue3863.mp4

[pulsarclarinetokrabee]

With version 1.13.7 the problem remains. Other than setting up the whole computer from scratch there aren't any other ways I can think of to find the cause.

[offhub]

Try using older versions and see if it works.
v1.12.9
v1.11.4

[pulsarclarinetokrabee]

Tried v1.11.4 and went as far back as v.1.6.4. No change.

[NewKidOnTheBlock]

@pulsarclarinetokrabee
Hey, this seems to be a duplicate of #3986
Try the suggested workaround:
FakeAdminRights=CredentialUIBroker.exe,n

[pulsarclarinetokrabee]

Thanks for the suggestion, however I cannot confirm these two issues to be identical.

1. FakeAdminRights were not enabled for the Sandbox to begin with, and adding the exclusion manually has no effect.
2. The CredentialUIBroker process is not crashing instantly, the dialog window freezes after attempting to authenticate.

After Firefox added a similar feature recently I can observe the same behavior there. Making the issue not exclusive to Brave.

https://www.mozilla.org/en-US/firefox/127.0/releasenotes/

For added protection on MacOS and Windows, a device sign in (e.g. your operating system password, fingerprint, face or voice login if enabled) can be required when accessing and filling stored passwords in the Firefox Password Manager about:logins page.

[offhub]

For Firefox:

FakeAdminRights=firefox.exe,n