Tested on a real machine with the latest Comodo version and it is vulnerable. I know that we have a good sandbox (if you put this executable in untrust it can’t be executed), but, maybe, it is better to patch up the software.
I have looked at what it does with the HIPS. It tries to access executables in memory. Unknown programs are not allowed to do this with default settings of CIS.
Which is great, since Comodo can protect himself from zero-day attacks. But, if you read the original article (linked on the link i’ve posted) other products fixed this problem (try it with Windows Defender on Win 10 or 8.1 with no other security products installed on the system).
And no: other applications could be attacked, not only web browsers (they did web browsers because they are simplier to check)
So, will be possible for Comodo to fix this bug, or are there some problems for fixing this?
I ran it and it would not survive being virtualised. I must admit I am running a test version so not the latest stable version.
I would like you to report under what conditions there is a vulnerability. We fist need to establish if and how CIS would get bypassed. You have not provided us compelling evidence. Preliminary testing in this topic shows it’s not vulnerable. Please provide us with the necessary information.