Author Topic: Comodo Internet Security v10.1.0.6476 Updates Released  (Read 26478 times)

Offline bluery

  • Comodo Loves me
  • ****
  • Posts: 118
  • chrome://chrome-urls/
Re: Comodo Internet Security v10.1.0.6476 Updates Released
« Reply #135 on: February 10, 2018, 01:59:15 PM »
With this version I have an issue with sandboxie, HIPS alert doesn't work anymore on one software

I have update the sandboxie, removed rules from comodo, but still the same issue.

I am trying to open Machete video editor in sandbox, but comodo hips alert isn't showing anymore, to block the application or to allow, and Machete isn't opening anymore.

Tried different Machete versions and the same issue

Tried other applications and the alert is showing

Could you please find out what could be the issue?

Offline liosant

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1126
  • Terra é circo onde nós somos palhaços...
Re: Comodo Internet Security v10.1.0.6476 Updates Released
« Reply #136 on: February 10, 2018, 02:15:21 PM »
The part in bold is a bypass by user. It's been said before and I will state it again: CIS is the nanny of program behaviour not the nanny of user behaviour. CIS doesn't protect the user from him or herself. It's something I am very happy with. It is by design and does not proof a bypass because unknown programs that are un virtualised are not allowed to perform such actions.

Do you have an example of malware that manages to escape the sandbox? Comodo is always interested in them.

It is not that the unknown or malicious file will run out of the sandbox or out of contention. But malicious activity or malicious file in "auto-contention" can perform actions like delete or modify, disable system files and antivirus.

Security suites block or isolate unknown or soft files, but not access by unknown or malicious files to system applications (these are allowed by suites). A good example of this is unknown and even malicious applications when they start along with the system, protection programs are not able to prevent malicious actions

Situation1: System infected > programs security > fail autorun
Situation2: System infected > program security installer > malware bypass (trojanrats, trojanscrypt...)

a copy of malware that does not run out of auto-containment but succeeds in its purpose. I posted some time ago. (kas and cis fail)
GOD or ALA It's ONE! A few months ago I was epileptic, now no more!
Businessmen take care of companies, COMODO protects data from businessmen companies

Offline Umesh

  • Comodo Alumni
  • Comodo's Hero
  • *****
  • Posts: 3421
  • Comodo Alumni
    • COMODO
Re: Comodo Internet Security v10.1.0.6476 Updates Released
« Reply #137 on: February 10, 2018, 05:08:49 PM »
Team will try to produce and get in touch if needed.
With this version I have an issue with sandboxie, HIPS alert doesn't work anymore on one software

I have update the sandboxie, removed rules from comodo, but still the same issue.

I am trying to open Machete video editor in sandbox, but comodo hips alert isn't showing anymore, to block the application or to allow, and Machete isn't opening anymore.

Tried different Machete versions and the same issue

Tried other applications and the alert is showing

Could you please find out what could be the issue?
We can't stop malware entering user's PC but we render them use-less when they enter PC: Welcome to Comodo's Default Deny innovation

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25669
Re: Comodo Internet Security v10.1.0.6476 Updates Released
« Reply #138 on: February 10, 2018, 10:40:11 PM »
It is not that the unknown or malicious file will run out of the sandbox or out of contention. But malicious activity or malicious file in "auto-contention" can perform actions like delete or modify, disable system files and antivirus.

Security suites block or isolate unknown or soft files, but not access by unknown or malicious files to system applications (these are allowed by suites). A good example of this is unknown and even malicious applications when they start along with the system, protection programs are not able to prevent malicious actions

Situation1: System infected > programs security > fail autorun
Situation2: System infected > program security installer > malware bypass (trojanrats, trojanscrypt...)

a copy of malware that does not run out of auto-containment but succeeds in its purpose. I posted some time ago. (kas and cis fail)
Could you point us to the post you mentioned?

Offline DeathCat

  • Comodo's Hero
  • *****
  • Posts: 234
Re: Comodo Internet Security v10.1.0.6476 Updates Released
« Reply #139 on: February 11, 2018, 05:59:27 AM »
Every time you start Windows 10 x64 1709 16299.214 RadeonSettings.exe error. If CIS is removed, then everything is fine. It is observed on CIS 10.1.0.6476 and on 10.2.0.6504 Beta.

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25669
Re: Comodo Internet Security v10.1.0.6476 Updates Released
« Reply #140 on: February 11, 2018, 10:33:13 AM »
What happens when you add RadeonSettings.exe to the shellcode exclusions?

Offline bluery

  • Comodo Loves me
  • ****
  • Posts: 118
  • chrome://chrome-urls/
Re: Comodo Internet Security v10.1.0.6476 Updates Released
« Reply #141 on: February 11, 2018, 11:23:02 AM »
Team will try to produce and get in touch if needed.


Just tried again today and working fine now ... the alert pops up and the application is opening

Offline DeathCat

  • Comodo's Hero
  • *****
  • Posts: 234
Re: Comodo Internet Security v10.1.0.6476 Updates Released
« Reply #142 on: February 11, 2018, 12:35:39 PM »
What happens when you add RadeonSettings.exe to the shellcode exclusions?

Added to the exceptions and kind of helped. Thank you for reminding me that this moment flew from my head.

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25669
Re: Comodo Internet Security v10.1.0.6476 Updates Released
« Reply #143 on: February 11, 2018, 02:53:41 PM »
Added to the exceptions and kind of helped. Thank you for reminding me that this moment flew from my head.
It what our mind does best: slip... ;) What do you mean with it kind of helped? What's happening and what is not happening?

Offline DeathCat

  • Comodo's Hero
  • *****
  • Posts: 234
Re: Comodo Internet Security v10.1.0.6476 Updates Released
« Reply #144 on: February 11, 2018, 02:56:26 PM »
It what our mind does best: slip... ;) What do you mean with it kind of helped? What's happening and what is not happening?

Starts now without error. It's okay for now.

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25669
Re: Comodo Internet Security v10.1.0.6476 Updates Released
« Reply #145 on: February 11, 2018, 04:17:06 PM »
Thank you for reporting back. Does the program have full functionality?

Offline DeathCat

  • Comodo's Hero
  • *****
  • Posts: 234
Re: Comodo Internet Security v10.1.0.6476 Updates Released
« Reply #146 on: February 12, 2018, 02:27:57 AM »
Thank you for reporting back. Does the program have full functionality?

Yes, it works fine. The problem was only with cold start of Windows before entering into shellcode exclusions

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25669

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek