D+ Buffer Overflow protection fails PoC [invalid]

Here is the author’s post (there is source code for his PoC in this post):

This thread is very important, there is a serious mistake in Memory Firewall!

Memory Firewall is only detecting calls to ShellExecute, WinExec and so on, but it’s not detecting calls to the standard C system() call. This is a serious security flaw since system() can do everything that ShellExecute can do. I want some developers in this thread.

I’m not using Memory Firewall since I found out that it’s useless. Also, DEP and ASLR are a better way to protect your system since they do not need the “black list” of calls because everything is stopped.

Memory Firewall code is now part of CIS D+.
Can Comodo developers (e.g. Tyler Durden) confirm or disprove that this kind of BO attack is a real-life threat which bypasses the BO protection of D+? (Answer has already been provided; see next post.)

A few days later the same poster created another topic, which got an official reply.

Though the code provided is apparently something else, the discussion that the poster explicitly triggered focused on a ret2libc-like attack invoking a compiler-dependent library/DLL function named system() to spawn a pre-existing executable.

Since there was no evidence of an approach in the wild that uses only that function (and thus without using any other that will trigger shellcode protection), and in order to prevent potential compatibility issues, it is unlikely that this particular call will be supported in order to trigger Shellcode protection alerts.

Thank you for this (:AGL)
I missed that thread. No more questions left.