Firewall rule vulnerability for Internet Security Config - 1382 and 1383

Firewall rule vulnerability for Internet Security Config - 1382 and 1383 installers.

The Internet Security.cfgx file found in the 1382 and 1383 installers contains a new rule that allows the ‘All Applications’ file group all outgoing access, once the firewall is installed.

The bug/issue

  1. What you did:
    Attempting to resolve forum questions on firewall behaviour
  2. What actually happened or you actually saw:
    After working through the problem it became apparent there was a problem with the Internet security configuration.
  3. What you expected to happen or see:
    For this rule not to have been created.
  4. How you tried to fix it & what happened:
    Delete the rule from the firewall or choose an alternative configuration file.
  5. If its an application compatibility problem have you tried the application fixes here?:
  6. Details & exact version of any application (execpt CIS) involved with download link:
  7. Whether you can make the problem happen again, and if so exact steps to make it happen:
    Reproducible always.
  8. Any other information (eg your guess regarding the cause, with reasons):
    If this is by design it should be changed. The rule is not present in the Proactive or Firewall configuration files. The rule is also not added when upgrading from a previous version of CIS, such as 1355.

Files appended. (Please zip unless screenshots).
Please see:

1383 Doesnt respect “custom policy” firewall selection/setting
Firewall settings not working - pleas help!

Your set-up

  1. CIS version, AV database version & configuration used:
    Any 1382 or 1383 installer
  2. a) Have you updated (without uninstall) from CIS 3 or 4:
    See above.
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?:
    The rule is added either by installing the suite with the AV component (it defaults to Internet security) or by selecting Internet Security post installation.
  3. a) Have you imported a config from a previous version of CIS:
    b) if so, have U tried a standard config (without losing settings - if not please do)?:
  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.):
  5. Defense+, Sandbox, Firewall & AV security levels: D+= , Sandbox= , Firewall = , AV =
  6. OS version, service pack, number of bits, UAC setting, & account type:
    Windows 7 Ultimate x86 and x64. I haven’t tried XP, however, because the rule is in the cfgx file I don’t doubt the result will be the same.
  7. Other security and utility software installed:
  8. Virtual machine used (Please do NOT use Virtual box):

Please see here;msg530034#msg530034