diff --git a/patch/patches/win_sandbox_3210.patch b/patch/patches/win_sandbox_3210.patch
index 0bd5eda77..3a73bcd38 100644
--- a/patch/patches/win_sandbox_3210.patch
+++ b/patch/patches/win_sandbox_3210.patch
@@ -1,5 +1,5 @@
 diff --git sandbox/policy/win/sandbox_win.cc sandbox/policy/win/sandbox_win.cc
-index 4fb8e2a9d7a6e..46e3db1d36f73 100644
+index 4fb8e2a9d7a6e..797e5af27ca56 100644
 --- sandbox/policy/win/sandbox_win.cc
 +++ sandbox/policy/win/sandbox_win.cc
 @@ -939,6 +939,17 @@ ResultCode SandboxWin::StartSandboxedProcess(
@@ -20,3 +20,21 @@ index 4fb8e2a9d7a6e..46e3db1d36f73 100644
    SandboxLaunchTimer timer;
  
    // Avoid making a policy if we won't use it.
+@@ -1015,10 +1026,16 @@ void SandboxWin::FinishStartSandboxedProcess(
+ // static
+ ResultCode SandboxWin::GetPolicyDiagnostics(
+     base::OnceCallback<void(base::Value)> response) {
+-  CHECK(g_broker_services);
+   CHECK(!response.is_null());
+   auto receiver = std::make_unique<ServiceManagerDiagnosticsReceiver>(
+       base::SequencedTaskRunner::GetCurrentDefault(), std::move(response));
++  // Will be nullptr if SandboxInterfaceInfo was not initialized by the CEF
++  // client, meaning that the sandbox is implicitly disabled. Match the
++  // failure behavior in BrokerServicesBase::GetPolicyDiagnostics.
++  if (!g_broker_services) {
++    receiver->OnError(SBOX_ERROR_GENERIC);
++    return SBOX_ERROR_GENERIC;
++  }
+   return g_broker_services->GetPolicyDiagnostics(std::move(receiver));
+ }
+