Feedback - ASLR protection defeated by Comodo


  1. Comodo currently does not support ASLR (Address Space Layout Randomization). This in itself is a vulnerability since unknown vulnerabilities in Comodo are easier to exploit for malware.

  2. Comodo loads a dll into every executable running on the system, and this dll is also not ASLR-enabled. This means that every program running on the computer has lower protection because of Comodo not having ASLR.

  3. Enabling ASLR support is easy, it is just a compiler switch, and it does not require any code rewrite. All modern compilers support ASLR (I hope Comodo does not use ancient compilers).

  4. I have tested enabling support of ASLR in Comodo using a “hack”, and there were no problems with it, therefore Comodo works just fine with it.

  5. Most other security software already supports ASLR.

Please enable ASLR support soon, not waiting for Comodo 6.

Can you share that hack with the rest of us?

I would rather not disclose it, since it involves switching off Driver Signing protection in win7, and I also cannot distribute modified Comodo executables & DLLs due to Comodo license not permitting it.

However, you can also use (with some caveats) the Enhanced Mitigation Experience Toolkit to force ASLR on Comodo executables.

Could you post some benchmarks using Comodo with (your hack) and without ASLR ?

Shouldn’t you be sending the modified files directly to the devs so they can take a look at it?

why does comodo not have this

Probably because it believes in it’s self-defense capabilities preventing ‘abuse’ of this lack of ASLR usage…

I heard a lot of criticism on security forums that Comodo don’t keep up to date with other security firms… But there will be never any security which can cover all vulnerabilities… You don’t need all the protection anyway unless you have hackers at bay… And anything can be hacked into if somebody try hard enough…