What happens to those who have CIS 2025 installed if this causes a problem?
1 - Will my security be compromised?
2 - Am I unprotected?
3 - Will it be necessary to remove CIS 2025 from the system and install the old CIS 2020?
4 - Will you send an update to remove the certificate and install another valid certificate?
5 - Will you create another CIS 2025 installer and ask all users to manually remove it and install it?
6 - Can’t you ask us to uninstall it from the machines and install the new one, and for those who have several machines with several clients?
When an antivirus has its certificate revoked, this can have several implications:
1 - Trust and Updates: The antivirus’s digital certificate is used to authenticate and ensure that the software is legitimate and has not been maliciously altered. If the certificate is revoked, the system may begin to treat the antivirus as potentially untrustworthy software, which may affect its ability to download updates or virus signatures.
2 - Security: An antivirus without a valid certificate may not provide adequate protection, as it will not be able to guarantee the integrity and authenticity of the software. This can leave the system vulnerable to threats.
3 - Compatibility and Functionality: Some operating systems and applications may block or limit the functionality of programs with revoked certificates, which may cause the antivirus to stop working correctly.
What happens? Well, the UI for 2025 fails to open due to this, so I wound up using the cleanup utility to try and fix it, after removing and rebooting the offline installer complains about the “cmdhtml.dll wasn’t properly signed” and can’t reinstall it. I wound up reverting to the older version for the time being. Very stupid.
Exactly this my friend is not working that’s why I opened this topic with these questions, for someone either a moderator or a programmer to answer what we have to do!
It’s good to have confirmation as I thought I was going crazy. We’ll need to wait for Comodo to release new installers/ application binaries signed with a fresh certificate. I don’t believe there is any way to make the 2025 version work at all because a signing certificate cannot be unrevoked.
There may be a way, yes, he has to do an invoke to remove the invalid certificate from Windows and for that they would need authorization from Microsoft…
Antivirus software certificates can be revoked for a variety of reasons, including:
Security Compromise: If the private key associated with the certificate has been compromised, allowing a third party to sign malicious software as if it were legitimate.
Policy Violation: The software developer may have violated the terms of use or policies of the certificate provider (certificate authority), such as using the certificate for malicious or illicit purposes.
Issuance Error: The certificate authority may have identified an error during the certificate issuance process, such as issuing the certificate to the wrong entity.
Termination of Contract: The certificate may be revoked if the contract between the company developing the antivirus and the certificate authority is terminated prematurely.
Malicious Software: If the antivirus software is detected as malicious or behaves maliciously after the certificate is issued, it may be revoked to protect users.
Certificate Update or Replacement: Certificates are sometimes revoked for routine reasons, such as replacing them with a more up-to-date certificate.
Certificate revocation is intended to prevent users from trusting software that may be compromised or does not meet required security standards.
I mean both. If CIS 2025 is already installed and the certificate store has been updated to show the correct revocation status, the application (cis.exe) will not show the main UI when clicking it. if the application is uninstalled, the installer will also fail because it is signed with that same revoked certificate.
I would think that because no one said anything about the posts, you were the first. Jealous.
So, what is productive for you is to stand still and do nothing?
Remember that in the past COMODO has had problems with malware certificates. That’s why I was already posting it here on the forum so that someone can take some action on the matter.
As for the official response, they take a long time or even years.
I say all this because I like Comodo products and want the best for all customers.
Keep an eye on this topic, the questions I asked at the beginning can be sure that they will never be answered.