Application Exploit Protection?

Will COMODO Internet Security protect applications from Exploits?

The amount of exploit protection depends on the config you are in.
By default, Internet security config has the least protection, and Firewall has more, and Proactive has the most.

You could adjust the HIPS settings to increase exploit protection, without switching to a different config.

Another way to increase exploit protection is to run vulnerable apps, such as browsers and PDF readers, in sandbox.
For instance, you can make an autosandbox rule for Chrome or Adobe Reader so they will always run sandboxed. If you need them to have access to extra files/folders, besides the default ones that are provided, you can go into sandbox settings and add them to “do not virtualize access to”…

I think what Protected_PC is asking is if CIS provides exploit protection like malwarebypes anti-exploit or hitmapro.alert does. Unfortunately, Comodo removed such feature from 5.12 and 6.x as noted by BuketB here. I believe it was removed because it wouldn’t work with the sandbox.

But despite this, CIS will still protect you if the exploit payload is an executable, script file, or the payload tries to pass command-line arguments to certain applications (powershell, cmd, rundll32, etct.)

The apps that the anti-exploit programs are trying to protect could be run sandboxed, which shields the system even better than standard anti-exploit protection does – although it is not always convenient to run a productivity app in sandbox.