diff --git a/pkgs/applications/virtualization/virtualbox/hardened.patch b/pkgs/applications/virtualization/virtualbox/hardened.patch
index aad9171b68e8..3df41228ae59 100644
--- a/pkgs/applications/virtualization/virtualbox/hardened.patch
+++ b/pkgs/applications/virtualization/virtualbox/hardened.patch
@@ -60,19 +60,21 @@ index 2760306..0ce6c92 100644
   *
   * The way this work is that it will spawn a detached / backgrounded /
 diff --git a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
-index c39d2f7..cd19186 100644
+index c39d2f7..896b352 100644
 --- a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
 +++ b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
-@@ -1415,7 +1415,7 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo
+@@ -1415,18 +1415,19 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo
          NOREF(fRelaxed);
  #else
          NOREF(fRelaxed);
 -        bool fBad = true;
 +        bool fBad = !(fDir && pFsObjState->Stat.st_mode & S_ISVTX && !suplibHardenedStrCmp(pszPath, "/nix/store"));
  #endif
-         if (fBad)
+-        if (fBad)
++        if (fBad && suplibHardenedStrCmp(pszPath, "/nix/store"))
              return supR3HardenedSetError3(VERR_SUPLIB_WRITE_NON_SYS_GROUP, pErrInfo,
-@@ -1424,9 +1424,10 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo
+                                           "An unknown (and thus untrusted) group has write access to '", pszPath,
+                                           "' and we therefore cannot trust the directory content or that of any subdirectory");
      }
  
      /*