We are pleased to announce that Comodo Internet Security 2019 Beta (v12.0.0.6798) is now available for download and beta testing feedback.
NOTE: Beta versions should not be run on production machines.
Online Setup Details:
In order to install online setups, please ensure you have following entries in Windows hosts (c:/windows/system32/drivers/etc/hosts) file:
Extended Containment Rule “Created By” criteria with “Rating” attribute.
Extended sanbox rules with a vendor as a criteria.
Extended Vendor List with User rating.
“Heuristic Command-Line Analysis” and “Embedded Code Detection” for scanning and monitoring of auto-run entries.
Powershell_ise analysis support.
Option to automatically scan plugged-in devices.
Simplified installation.
First network zone detection is performed in background.
Widget is hidden by default but can be changed with an install setting available through the Options button.
Updated AV engine.
Overall performance and stability improvements.
WDSC integration performance and stability improvements.
Fixes:
Fixed extended OS boot time in some cases.
Fixed defect where full scan fails in some rare cases.
Unrecognized file does not launch in Sandbox second time after first viruscope detection.
Defect where ‘Cmdagent.exe’ consumes 40-50 % CPU constantly in some cases.
Rules for Website Filtering can’t be added if all rules was deleted.
Uninstall of CIS Premium is periodically failed.
cmdagent.exe unexpectedly terminates in some rear cases.
Defect where cmdagent.exe unexpectedly terminates after install CIS with Secure Shopping on XP.
Sandboxed .bat scripts are displayed as cmd in active processes list.
Containment resetting process takes a long time in some cases.
Not able to play videos in Facebook inside sandboxed Opera.
BSOD when playing Freeridesgames games
Known issues:
CIS icon is not displayed in Task Bar after upgrade from Leon 11 to Wonder 12 BETA.
It is impossible to run CIS by its shortcut on Desktop after upgrade from Leon 11 to Wonder 12 BETA.
Settings will be lost if installed over all previous versions of CIS. ‘Installer’s state cannot be saved’ is displayed during Wonder BETA install over a previous CIS version (please use clean install or updates)
Please check fresh installs and updates from previous releases.
Unsure if useful: Also interesting that you can now separate Script Analysis based on if it is classed by CIS as a startup item or not. I’m not sure how useful this is though as scripts that are not startup items can be used for malicious purposes too… So is it not best to treat both with maximum security anyway? I’m on the fence with that one.
Useful: I find ‘apply selected action to unrecognized entries related to new/modified registry items’ potentially very useful (although I find the title very confusing) for potential exploit vectors. However… this is only useful if the default it set to something other than ‘ignore’. If you can get this to something other than ignore by default without causing too much disruption, then this would be impressive.
Great work on version 12!!!
[Update]
Pseudo File Downloader Containment Rule:
I would add the ‘Email Clients’ File Group to the ‘Pseudo File Downloaders’ containment block rule. This is so it blocks Pseudo File Downloaders opened from both Web Browsers and Email Clients. Some email clients are able to open web pages within the client. Thunderbird for example. Therefore they also need protecting in the same way web browsers do.
Containment Criteria Naming:
I think that maybe ‘File created by applications’ should be renamed back to ‘File created by processes’.
This is so both options now read:
'File created by processes
and
'File started by processes
This avoids confusion so people know there is no difference between what is described as ‘processes’ or ‘applications’ in the context of these two options.
I did a clean install and imported my configuration from v11.
First impressions. The erroneous security center notifications on boot on Win 10 1809 (17763.316) x64 that the AV needs updating are gone. There already was a program update. It turned out to be for the eula.rtf.
The AV now scans a folder with installers and other archives faster. A first sign of performance improvement. Opening Explorer and Control Panel seems faster; it feels snappier. Opening Creative’s Soundblaster X Fi control panel is faster; it is no longer sluggish. XnView opens faster including enumerating the thumbnails. :-TU
Clean install this morning and imported last modified Proactive Config on a Win10 system and after reboots, it’s been running for a while . . . it appears faster and the delay I needed on this system, prior to logging on (to stop the odd Security Centre Firewall warnings), is down to about 5 seconds now, which is fine by me
But . . . . . . . .
For some reason I have had to add Firefox to the exceptions to HIPS Interprocess Memory Access Rule, to stop the Logs being filled with Access warnings, which has never been needed before. It went up to over 80 before the entry
The same for GP Software Directory Opus, which I’ve used for years, but is now getting the same Access warnings
Also, how do you go about deleting anything from the Trusted Vendor list? I’ve changed Ratings etc. but still get the message as shown
Edit: Having run it now for the whole day, HIPS is warning about virtually every application trying and being blocked for memory access in cavwp.exe. I haven’t changed any settings from 6778 and HIPS is in Safe Mode as before and have tried clean installs both offline and on - HIPS now up to 450 and counting!!
The AV updates are not served by the beta server. To be able to update the Proxy and Host settings or the Hosts file need to be changed to the regular update server again. Make sure you have downloaded the extras from the beta server before switching.
When doing a program update it will not provide an update back to the latest stable version.
I have been setting up a fresh Proactive Profile and noticed that Killswitch/Watch activity does not show up as option under Tasks in Classical Theme and Modern Theme but will show up in Lycia and Arcadia themes. I don’t know if this a regression or something longer standing.
When the Settings and Logs screens are maximized they use the whole screen covering the task bar.
Edit: the problem with maximization was also happening with other programs. I fiddled a bit with Task bar settings and that fixed it. I don’t know what happened and solved it.
Can’t seem to get it to be blocked again. Maybe it was on install only. Nevermind. If it happens again I will try to keep track and try what you suggested.
My computer started to act weird. It started to become unresponsive. Windows 10 x64 (1809 17763.316).
Several programs were getting unresponsive and could not be closed (or closing took too long and I nuked them with task manager). Starting new applications would take long. At a certain moment it seemed like they would not start. Windows Store Apps would start but as the screen was there it would sit there doing seemingly nothing.
I could not reboot the computer from the Start Menu or by using alt+F4 from the desktop. Windows would simply not respond to the request to reboot. Ctrl+Alt+Del did not bring up the choice screen from where I could have tried to reboot.
After the reboot Windows Security Center states Comodo AV and Firewall are not active I will reboot now to see if the registration with WSC changes.
Event viewer shows nothing of any importance. I am going to reboot now and see if the registration with WSC changes.
Edit: I rebooted twice. It takes WSC a minute or more to see the AV and Firewall are active but after that initial period it says things are hunky dory. Initially it will say the Firewall is not active while it is still assessing if the AV is active. Eventually it says all is fine without alerting the user with a pop up above the systray.
