Well from your first link.

[b]What are the limitations?[/b]

As we said earlier, the sandbox itself is not a new security model; it relies on Windows to achieve its security. Therefore, it is impossible for us to prevent against a flaw in the OS security model itself. In addition, some legacy file systems, like FAT32, used on certain computers and USB keys don’t support security descriptors. Files on these devices can’t be protected by the sandbox. Finally, some third party vendors mistakenly configure files, registry keys and other objects in a way that bypasses the access check, giving everyone on the machine full access on them. Unfortunately, it’s impossible for the sandbox to protect most of these misconfigured resources.

So whilst it is better than I have been led to believe, it I would say doesn’t achieve what I would consider the definition of a sandbox and that it to completely isolate it from the system.