CIS3.8...Is SafeSurf still needed.

Was just wondering by installing comodo cis 3.8 do i still need safesurf since buffer overflow protection is included with cis?

you can safely uninstall safe surf. Make sure you check DETECT SHELL CODE INJECTION under D+ >> Advance >>Image execution

But why was it an option when installing CIS 3.8 (sorry but I’m a new user of CIS).
Is it the same product as Memory Firewall ? Or a version limited to the internet browsers ?


My guess is that SS is still bundled with CIS due to the toolbar, which Comodo get revenues from. You don’t need SS anymore (but of course you can keep the toolbar if you wish) as this is fully covered by Defense+ in CIS.

Hi, Lars. Is it stated by devs or Comodo support that new option “Detect shellcode injections” of D+ makes SafeSurf (not toolbar but protection app) redundant in terms of providing extra protection (which D+ cannot provide)??
If you know, please drop a link here.

Hi :slight_smile: Indirectly yes, since SS won’t add anything to CMF and according to this post you don’t need CMF:;msg247337#msg247337

thank you :-TU
it is indeed explains everything

I was able to make sure D+ of CIS 3.8 better catches BO than SS (though not sure about latest i have one tiny harmless app which produces BO and SS don’t catch this BO, but CMF (latest) and CIS 3.8 do catch.
Attached application. It’s aim is to help learn English. Archieve password 1234 (you will need some archiever to open it, e. g. 7-zip).
Go ahead and compare SS vs CIS 3.8 (in terms of providing BO protection).

p.s.: if anyone from mods will consider this attachment inappropriate, pls delete it, though it is not a malware despite some AVs report it is (details here).

[attachment deleted by admin]

The reason why SafeSurf didn’t catch it is because SS protects only your browser against BO attacks, not the whole computer like CMF does (both built-in in CIS as well as a standalone).

It seems to me that SS protects not only browser because it catches all 3 BOs from Comodo test suite (found on this forums). Correct me if i’m wrong, but these tests are not targeted against any browser (its vulnerabilities).

Well, it’s quite complicated, but as Melih has stated SS does not protect your whole computer because it is not its job to do so.
A quote from Melih:

Nevertheless, if you have either CMF or CIS 3.8 you are covered (:KWL)