Constant ret2libc alerts on Vista x64 (Solved)

[Guest]

[ruoja]

I've just installed CMF 2.0.4.20 in addition to Comodo Firewall and Avira Antivir on Vista 64-bit, which is also a fresh install - I'm doubtful of infections, especially as none have been actually detected and CFP doesn't inform about any abnormalities.

Anyhow I'm getting constant alerts from CMF about ret2libc type attacks and most seem to occur with Windows system applications, but some also with console programs. Something I find peculiar is that the memory address is always the same.

Are there any known non-threatening conditions that can cause these alarms or a known bug? Or should I file a bug report?

Here's a screenshot of CMF's log window:

[fazio93]

Just wondering. What version of CFP are you running and do you have Defense+ enabled? As of version 3.8.64263.468, memory firewall is integrated into D+, so COMODO Memory Firewall is not needed.

[ruoja]

Dang, I was just about to add that permanently disabling Defense+ stopped the alerts. CFP is version 3.8.65951.477.

Not having read the release notes, I wasn't aware of Memory Firewall getting integrated. I was under the assumption that the Safesurf Toolbar was still the only form of this kind of protection included with CFP, and I never installed Safesurf.

Thanks for this information!

[fazio93]

Glad you worked it out.
I'll lock this topic. PM an online moderator if you need it reopened.

[Tags:]