It is not available through the program updater yet.
Still can’t remove any of the Trusted Vendor list w/o an error
Hello,
Previous version beta and acutally RC still blocking( slow down) system. Please help or fix it !
Hi Ploget, could you please send us logs from report tool generated after removing attempt?
Also could you please clarify if you are trying to remove vendors from default list.
We’ve implemented blocking of removing trusted vendors added by comodo, but it should show proper message.
Hi maciejak,
Could you please check if virtual memory (swap on HDD) is enabled on your system (see attach)
User LoRenZoR reported similar issue with 6808 and he also was not able to create dump.
After he restored default state of virtual memory the issue is gone.
Also on this version.
Yes - it’s from the default list and does give the ‘proper’ message . . . but you’re saying that on a system with a chosen set of applications and known vendors, that the hundreds of default vendors can’t be removed or chosen by the user?
I like to control my system(s) and not have superfluous vendor lists that I can’t remove or edit, or even understand in scores of the entries!
May I ask what is the reasoning behind that?
There are no trusted vendors and the stuxnet case (stolen Realtek and JMicron certs) confirms this. Attempt to impose these “trusted” vendors is a very bad sign. If this does not change, HIPS (and CIS itself) will become useless. Potentially, only a microsoft can be considered a trusted vendor, but it should also be allowed to users to delete and configure as they wish.
Completely agree . . . a very bad move in my opinion
I will try this option, but with previous version Cis 11 i don’t have problem. I have problem only with cis 12.
Hello,
This option now try and does not working. Cis 12 RC still blocking( alow down) system.
Hi maciejak,
Thanks for getting back.
Could you please try to reproduce the issue, provoke BSoD and share memory dump with me via PM.
There are several ways to do it:
Or you can use notmyfault tool from sys internals package:
Rexy, Ploget, your arguments are reasonable, we will discuss them internally.
Thanks Vladimir . . . I would say it is very important to a lot of users
couldnt agree more
So, no ask feature for the autosandbox like in CCAV?
Can I have an option to turn off clipboard for sandboxed processes. I think sandboxed processes have access to clipboard is a big security risk.
You might be interested in the following wish: Prompt user to Allow or Block Copy/Paste to and from Sandbox via Clipboard.
CIS has always been good at allowing itself to be tuned and it controls absolutely everything. I can not understand why you need to impose trusted vendors. Suppose you trust them, but why should the end users force them to trust them? Certificates can steal and sign a virus with them, which has already happened. I do not speak against the model with trusted vendors, but I am categorically against imposing this list. Previously, it was better - the user himself decided which vendor deserves trust and which one does not. Selective protection is not protection.
This means the complete destruction of the last HIPS for Windows. This is very bad.
Stuxnet and stolen certificates
Stuxnet signed certificates frequently asked questions
“Our results show that compromised certificates pose a bigger threat than we previously believed, as it is not restricted to advanced threats and that digitally signed malware was common in the wild before Stuxnet”
Stuxnet spawn infected Kaspersky using stolen Foxconn digital certificates
Windows Pro x64 1809 17763.379 CIS v12.0.0.6810
Again, the system hangs as in the previous version 6808