List of current bugs discussion

C.O.M.O.D.O_RT · April 3, 2023, 7:33am

Hi YrijKhab,

kindly refer the below link to download free comodo firewall version.

Thanks
C.O.M.O.D.O RT

YrijKhab · April 6, 2023, 9:41am

Greetings. After installation, the error remains.

C.O.M.O.D.O_RT · April 6, 2023, 11:07am

Hi YrijKhab,

Kindly boot your pc into safemode and run ciscleanuptool.
http://download.comodo.com/cis/download/installs/ciscleanuptool/ciscleanuptool_x64.exe
Then install CFW in normal mode and check.
Kindly let us know your feedback.

Thanks
C.O.M.O.D.O RT

YrijKhab · April 9, 2023, 11:17am

Cleanup does not run in safe mode + and as administrator.Log:
C:\Jenkins\workspace\CisCleanupTool2_vs19\CisCleanupTool2\CisCleanupTool2\RegTools.cpp:46 >> Can’t open key (SOFTWARE\COMODO\CIS\Esm), error 2
13:28:21 C:\Jenkins\workspace\CisCleanupTool2_vs19\CisCleanupTool2\CisCleanupTool2\CleanupOnline\CisCleanupTool2.cpp:76 >> ITSM Administrator password for Removal tool is not set, skip password verification, exiting…"

C.O.M.O.D.O_RT · April 10, 2023, 8:05am

Hi YrijKhab,

Let me check in our environment and update you.

Thanks
C.O.M.O.D.O RT

C.O.M.O.D.O_RT · January 18, 2024, 10:13am

Hi all,

Below are the bugs(From list of current bugs) which are tested and couldn’t able to reproduce in the CIS beta v12.3.1.8104 Beta.
1.Silent mode firewall silently blocks network access for unrecognized applications and does not log the block
4. HIPS/Sandbox bypass with SetVolumeMountPoint and DeleteVolumeMountPoint. The fix would be to hook the SetVolumeMountPoint and DeleteVolumeMountPoint WinAPI functions and treat it as a form of direct disk access like CIS does for the DefineDosDevice API function. That way you get a HIPS alert for direct disk access and it would be auto blocked when run in containment anytime an application calls these functions.
6. Embedded-code detection for misexec.exe does not work so msiexec.exe /I will not be detected.
15. Can’t paste IPv4 address in global and application rules, it only works in network zones.
16. Autorun analyzer and killswitch do not perform file rating lookup of files.
17. AV still scans executable files even when the executable is listed under scan exclusions
20. HIPS rules will get corrupted by being completely erased when a new rule is being created during system shutdown, such as when HIPS is in training mode or create rules for trusted applications is enabled in HIPS settings.
22. Contained applications can add/remove/change user accounts and groups, prior versions did not allow such action.
24. Microsoft Edge can not open any website or page when sandboxed .
25. Sometimes the CIS tray notification icon does not render and leaves an empty space. Topic link: Comodo Firewall systray icon invisible [M2419]
26. Windows security center does not always recognize CIS being active or enabled. Topic link: Windows security center does not always recognize CIS
28. CIS will constantly inform of a new update is available even when the latest version is installed, happens after updating to a new version using the internal program updater. Various posts reporting this issue scattered throughout, can’t be bothered to find all previous posts, but most recent topic here: Comodo version 12.2.2.2.8012 wants to install over and over and over again??
35. The Anti-virus will not scan files larger than 40 MB even when the setting “Limit maximum file size to” in the scan profile is disabled. The AV should scan all files regardless of size unless the option is used to limit the maximum file size that the AV should scan.
39. Firewall blocks outgoing connection requests for trusted applications at system startup if they attempt network access before CIS UI is loaded(cis tray and alerts UI processes) causing many blocked events in the firewall log for those trusted rated applications.
40. High CPU usage of cmdagent.exe process when a RAM drive is in use. Topic link.
Kindly check and let us know your feedback

FYI: Reproduced bugs are reported to the dev team and they are working on it.
There are few bugs which doesn’t have enough information to reproduce, however we are testing on it. We will update those bugs which needs more information to reproduce.

Thanks
C.O.M.O.D.O RT

CISfan · January 18, 2024, 1:18pm

Hello C.O.M.O.D.O_RT,

The bugs you mention have these bugs been fixed or is it just that your team isn’t able or capable to reproduce those bugs on your end ???

With same CIS code base it sounds unbelievable that your team isn’t able or capable to reproduce these ancient bugs which have been reported and well documented by so many CIS users and mods over the past decades.

I have the impression that Comodo likes to run in circles to avoid fixing these ancient bugs.

CISfan · January 21, 2024, 6:33pm

Any feedback from staff on above matter regarding sweeping bugs under the rug?

DecimaTech · January 23, 2024, 3:05pm

The only bugs that were fixed are bugs 4. and 24. Bug 22 was never an issue on Windows 10/11. Bug 34. doesn’t happen on Windows 11 but I do remember it happening on Windows 10 so it can be marked “fixed” even if they didn’t do any changes to how VD is run.

CISfan · January 23, 2024, 8:03pm

Why does Comodo Staff not respond on my replies?

It is Comodo business as usual, bring the reported issues to the team, the team is working on it, we keep you posted… but nothing comes out… Comodo keeps denying reported problems as they always did.
It’s a slap in the face of CIS users…

C.O.M.O.D.O_RT · January 24, 2024, 6:58am

Hi CISfan,

We can understand your circumstances and expectation towards cis improvement.
The team is working hard to fix these issue .
Kindly support us.

Thanks
C.O.M.O.D.O RT

CISfan · January 24, 2024, 10:22am

C.O.M.O.D.O_RT:

Hi all,

Below are the bugs(From list of current bugs ) which are tested and couldn’t able to reproduce in the CIS beta v12.3.1.8104 Beta.
1.Silent mode firewall silently blocks network access for unrecognized applications and does not log the block
4. HIPS/Sandbox bypass with SetVolumeMountPoint and DeleteVolumeMountPoint. The fix would be to hook the SetVolumeMountPoint and DeleteVolumeMountPoint WinAPI functions and treat it as a form of direct disk access like CIS does for the DefineDosDevice API function. That way you get a HIPS alert for direct disk access and it would be auto blocked when run in containment anytime an application calls these functions.
6. Embedded-code detection for misexec.exe does not work so msiexec.exe /I will not be detected.
15. Can’t paste IPv4 address in global and application rules, it only works in network zones.
16. Autorun analyzer and killswitch do not perform file rating lookup of files.
17. AV still scans executable files even when the executable is listed under scan exclusions
20. HIPS rules will get corrupted by being completely erased when a new rule is being created during system shutdown, such as when HIPS is in training mode or create rules for trusted applications is enabled in HIPS settings.
22. Contained applications can add/remove/change user accounts and groups, prior versions did not allow such action.
24. Microsoft Edge can not open any website or page when sandboxed .
25. Sometimes the CIS tray notification icon does not render and leaves an empty space. Topic link: Comodo Firewall systray icon invisible [M2419]
26. Windows security center does not always recognize CIS being active or enabled. Topic link: Windows security center does not always recognize CIS
28. CIS will constantly inform of a new update is available even when the latest version is installed, happens after updating to a new version using the internal program updater. Various posts reporting this issue scattered throughout, can’t be bothered to find all previous posts, but most recent topic here: Comodo version 12.2.2.2.8012 wants to install over and over and over again??
35. The Anti-virus will not scan files larger than 40 MB even when the setting “Limit maximum file size to” in the scan profile is disabled. The AV should scan all files regardless of size unless the option is used to limit the maximum file size that the AV should scan.
39. Firewall blocks outgoing connection requests for trusted applications at system startup if they attempt network access before CIS UI is loaded(cis tray and alerts UI processes) causing many blocked events in the firewall log for those trusted rated applications.
40. High CPU usage of cmdagent.exe process when a RAM drive is in use. Topic link.
Kindly check and let us know your feedback
FYI: Reproduced bugs are reported to the dev team and they are working on it.
There are few bugs which doesn’t have enough information to reproduce, however we are testing on it. We will update those bugs which needs more information to reproduce.

Thanks
C.O.M.O.D.O RT

Your statement means that Comodo will take no further actions to resolve these above bugs because the team isn’t able to reproduce those bugs while Comodo knows that these bugs are still present in CIS codebase and these bugs will linger on in CIS codebase forever, right?
Or am I missing something here?

infosec · January 24, 2024, 11:36am

Thank you for the global feedback, but unfortunately it remains quite unspecific. Appreciate the start @DecimaTech made here: List of current bugs discussion - #287 by DecimaTech and here: List of current bugs. However, as also @CISfan has asked for repeatedly, I think all beta-testers and especially the bug-submitters are awaiting a full official status update on all 42 reported bugs, as promised by @ilgaz last November: Comodo Internet Security 2024 v12.3.1.8104 beta - #201 by ilgaz. By having all in one place, such a detailed and up-to-date bug status overview could also be of help to the CIS development team in preparation for their upcoming third 2024 beta. Thanks in advance!

C.O.M.O.D.O_RT · January 24, 2024, 12:33pm

Hi CISfan,

We didn’t mean that we won’t take further actions to resolve these bugs.
As we couldn’t able to reproduce these bugs with the CIS beta version, so if you guys were able to reproduce with the CIS beta version. Then provide us the steps to reproduce so that we will test and fix it.
However @DecimaTech has provided steps to reproduce to the above issues(No: 1, 6, 15, 16, 17, 20, 25, 26, 35, 40) and we are testing on it.
@DecimaTech Thank you for supporting.

Thanks
C.O.M.O.D.O RT

CISfan · January 25, 2024, 11:03am

Why does Comodo keep telling to CIS users to report the same already existant and uncountable numerous times reported bugs over and over again??? Just because Comodo can’t “reproduce” those bugs???
Why can’t Comodo Team reproduce those bugs when @DecimaTech can reproduce those bugs in current CIS codebase and even telling you how to reproduce them???
Like I said before, these bugs are still present in CIS codebase and with Comodo refusal to fix them they will stay in CIS codebase forever…

C.O.M.O.D.O_RT · January 29, 2024, 8:35am

Hi DecimaTech & All,

1.Silent mode firewall silently blocks network access for unrecognized applications and does not log the block
We have tested the above issue with CIS beta and found that Silent mode firewall silently doesn’t blocks network access for unrecognized applications.
Refer the attached pic

Thanks
C.O.M.O.D.O RT

C.O.M.O.D.O_RT · January 29, 2024, 8:45am

Hi DecimaTech & All,

Embedded-code detection for misexec.exe does not work so msiexec.exe /I will not be detected.
We have tested the above issue and couldn’t able to reproduce it.
So we need the reproduction video of the issue so that the team will see and reproduce it.

Thanks
C.O.M.O.D.O RT

C.O.M.O.D.O_RT · January 29, 2024, 10:24am

Hi DecimaTech & All,

Can’t paste IPv4 address in global and application rules, it only works in network zones.
The above issue is reproduced and reported to the team.
Thank you @DecimaTech for providing the steps to reproduce this issue.

Thanks
C.O.M.O.D.O RT

DecimaTech · January 29, 2024, 2:54pm

Interesting but my screen shot shows that the google web installer can not connect to download chrome after I set google llc as unrecognized in the vendor list and switched to silent mode.

C.O.M.O.D.O_RT · January 29, 2024, 3:01pm

Hi DecimaTech,

Seems like you tested with only firewall installed.
Let me test this case with only firewall installed and update you

Thanks
C.O.M.O.D.O RT