javaw.exe bug

I am running Comodo ver. 3.12, winxp sp3.

Everytime I go into Java console to view/reset something, I get a Comodo popup that that Comodo is learning javaw.exe. It then creates a new outbound TCP port rule. So far I have 6 assigned to the app. rule Comodo created. Appears javaw.exe assigns ports randomly.

Appears Comodo needs to create a localhost rule for javaw.exe. I tried to do it manuall, allow TCP out any port to localhost network def. that Comodo created, but it didn’t work and Comodo blocked it.

How is this a bug?

Perhaps you could relax your protection a bit? With my firewall/D+ in safe mode, I get no alerts regarding javaw.exe. (aside from the initial, “do you want to allow it to connect to the internet?”)

If you run the higher security settings, don’t be surprised that it asks you to allow every little thing because after all, that is what you have asked it to do.

I am only running the firewall, not Defense+ if that makes a difference.

I wonder if I need to add a global rule to allow loopback out? Maybe that would then allow the app. loopback rule I attempted to add to javaw.exe to work?

Bottom line is Comodo is adding an individual TCP out rule for every port used and that is not right in my opinion. The ports used by javaw.exe are random it appears so theoretically, I could end up with many TCP rules.

This also seems to be related to Java 6.15 which I recently upgraded to.

Are you running it in safe mode?

6.16 is out. Have you tried it?

Yes, I run in safe mode with alerts set to high.

Something is definitely not right on how javaw.exe is being handled by Comodo. For example, I don’t even have a firewall rule for jqs.exe which connects to localhost outbound and it works fine.

This is your problem… This will give you an alert for every port. As I said before, if you don’t want CIS alerting you over everything, you shouldn’t tell it to.

Sun is on the trusted vendor list. Some behaviors will be allowed due to this.