Hackers look for weaknesses to exploit that allow them to access the underlying system. No program is perfect and without vulnerabilities. It would be foolish to think one is. The best defense is to prevent attacks rather than relying solely on your software to stop them
Hackers are looking for the low hanging fruit not fort knox.
So first good luck looking to defeat a sandbox they do not know about not the build in sandbox of a common program they are looking to attack.
Second as I already stated I layer my defenses one on top of the other.
After breaking out of a sandbox or during trying to break out they would then need to deal with my uncommon real time monitoring program that does not allow anything to write to memory or place hooks or drivers on the system or even run for the first time without my OK. Google earth wish to address video memory directly it is block from doing so until I OK it.
Oh this little dear hash everything allow to run on my system and if the hash had change it also block it from running until my ok.
That is the reason that every time I do an update of a program or when microsoft or java etc does an update I need to hit ok any numbers of times as the undated/change exe and dll files first begin running.
Oh just for ice cream on top once a month or so I run Microsoft stand alone scanner that boot from it own CD to look for root kits that are hiding by having the OS shielding them from detection.
Sorry the odds that anything is going to get through all my layers of software security in the real world is near zero.