I have run CLT with CIS5, and I have scored 320/340…

The vulnerable state is for these test:
Injection: SetWinEventHook
Injection: SetWindowsHookEx

SO: Windows 7 32bit virtualized with VirtualBox
Config: Proactive Security, SB disabled, D+ Safe Mode

Is a CIS5 bug or is due to virtualization??

The sandbox plays a major part with Comodo, it’s your final layer of security. So you can’t really say it missed some when you have it disabled.

I disabled SB to run CLT…

I know that when CLT runs, the sandbox should be disabled otherwise CLT would be runned in the SB and so the tests would be altered…

With sandbox enabled:

New tests

SB enabled, treat unrecognized files enabled, D+ safe mode:

Partially Limited: Score 150/340
Limited: Score 150/340
Restricted: Score 150/340
Untrusted: Score 150/340

SB enabled, treat unrecognized files disabled, D+ safe mode: Score 320/340

SO Win7 32bit (VirtualBox), CIS 5.0.158836.1079, Proactive Security

That doesn’t make any sense, with V3 and V4 all you need to do is set CLT as a “blocked application” and it jumps to 340/340, but now you need the sandbox to score perfectly?

I get 340/340 with sandbox disabled. :wink: XP SP3

I just got 340/340 on my Win 7 x86 on similar settings. That may be a clue it is that the VM is playing a role.

As I tought, perhaps the cause is VM…
It is important that it is not a CIS5 bug on Win7… :-TU

It is a bug of VirtualBox and hence CIS does not function properly in it.

in default the sandbox is set to slightly limited, and then you get 320 out of 340.
cis should set this way, get 340 out of 340

su seven 64 bit

CIS 5.0.159634.1091, Internet Security, XP SP3

Partially Limited: 340/340 :slight_smile:
Limited: 330/340: 24. Impersonation: DDE Vulnerable :-\

Is that a bug in Parental Control?

CIS 5.0.159634.1091, Firewall with D+, XP SP3

Partially Limited: 340/340 Parental Control (Disable)
Partially Limited: 330/340 Parental Control (Enable)

It failed the DDE item with Parental Control enabled and suppressed all alerts.