My honest answer:
If I hadn’t had such positive experiences with Comodo over the many, many years, I would have switched long ago. But for this reason, I still stick with Comodo. But, as I mentioned, cybercriminals are becoming increasingly sophisticated in their methods, and the question is becoming more and more important: How long will Comodo last? Is Comodo really still interested in protecting my PC, or will the bomb eventually hit me too?
AV-test shows how many programs offer 100% protection. They keep pace with developments. My trust in Comodo is gradually fading due to these discussions, because there are users here who, with their knowledge, can alert everyone to risks regarding errors and potential entry points. Bitdefender, ESET, Emsisoft, or even Kaspersky are my candidates.
And the answer: “I’ll report the problem to the team” has long since become obsolete.
AV-Test shows how many programs offer 100% protection. They keep pace with developments. My trust in Comodo is gradually fading due to these discussions. The uncertainty and insecurity surrounding knowledge-based cybercrime is growing.
When an antivirus is about to pass a year since its last update? Wouldn’t it be wiser to give up on this antivirus? Security is at stake. If it were an application software, the matter would be different.
That applies to me too. But I’m gradually starting to prioritize safety, since there isn’t a romantic relationship. If we’re not getting along anymore, divorce is the lesser evil.
A response to our inquiry is also still pending. It is likely that no updates are yet available to close the security gaps.
But we rely more on the apparently very reliable firewall, right? Is the Comodo CIS 12.3.4.8162 firewall still as reliable? Questions upon questions, doubts upon doubts. Are we gradually becoming fan users?
Sorry for the inconvenience.
Our team is working on the reported bug and support for the product. We appreciate your understanding and continued trust in us.
We will keep you posted regarding the upcoming release .
Regarding the CVE’s mentioned, for these to actually work would be extraordinarily unlikely
“The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult.”
Essentially far too many things have to be in place for this to have any detrimental effect. Contrast these Comodo CVE’s to the traditional Security products being bypassed by a simple zero-day malicious file. Which of these two in your opinion would present the most risk?
A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162. This vulnerability affects unknown code of the file cis_update_x64.xml of the component Manifest File Handler. …The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.The vendor was contacted early about this disclosure but did not respond in any way.
But Comodo can’t rely on it because the attack is difficult, so isn’t any action necessary? Cybercriminals aren’t getting any dumber. I would be/am happy if Comodo were superior here. Comodo could certainly react faster than with zero-day attacks. But does Comodo do it?. CVEs are also accessible to cybercriminals. I don’t know if I can really continue to use online banking, for example, securely. Currently, I’m using CIS 8162 (not yet subscribed due to these long-standing uncertainties regarding Comodo) with Secure Shopping (as a separate part of CIS) and Cyberlock! I STILL have some confidence in Comodo.
Does that mean Comodo’s protection mechanism is based solely or primarily on CVE, and it reliably fends off zero-day attacks through Comodo’s protection mechanism (containment—every software is initially considered suspicious, whitelisting)?
Apologies if some of this has already been discussed in another thread and thanks for your answer.
Hello everyone,
3 Things:
1- Criticism doesn’t provide any solutions for the product; only the developers are competent to adjust Comodo CIS in order to improve it.
2- Comodo has been a well-known firewall for years; it needs to be updated, that’s a given.
3- It’s unfortunate that some people take the malicious pleasure of always posting the same negative comments on this forum.
COMODO_RT still participates in this forum; that’s a guarantee of product continuity, right? The worst thing is its disappearance and the closure of the forum, which will prove that Comodo CIS has been abandoned.
In the meantime…
Thank you for your understanding.
ZorKas
I’ve seen C.O.M.O.D.O RT more than any other employee on forum, and only one person should answer dozens of topics? Most of topics are unanswered. Has Comodo’s support team moved to enterprise version? The changes won’t happen suddenly, and maybe home version antivirus and Comodo name will gradually fade away.
You’re right. As for me, I’ve become very unsettled since the last serious vulnerability was published on July 7 to the GitHub Advisory Database • Updated on July 18. Or should I just stop reading such posts in this forum (seriously)? Yes, the firewall is missing an update, and this is in addition to this, an update for increased security. Or is whitlisting suffice (also a serious question)? Cruelsister admits that there is a risk, more for some, less for others. But how high is the risk now (without an update) and in AV-Test competitors score 100% or 6 out of 6 points. So their risk would be demonstrably very, very low. That’s where my doubts start. No tests on comodo. I’m relying on my experience with comodo: 100% or 6 out of 6 points. But that is the past. The future is important. The sophistication of cyber criminals.
Hello. Dear ZorKas: ( 3. Unfortunately, some people take malicious pleasure in constantly posting the same negative comments on this forum.
COMODO_RT is still participating in this forum; this is a guarantee that the product will evolve, right? The worst case scenario is his disappearance and the closure of the forum, which will mean that Comodo CIS has abandoned him. ) To my great regret, we really allow ourselves ( 3. Unfortunately, some people take malicious pleasure in constantly posting the same negative comments on this forum.) But understand that we are really worried about COMODO and our safety.
Doing a deeper dive into the CVE’s, note that both essentially attempt to trick Comodo into connecting to a false server where a malicious file can be downloaded which would infect the system.
The essential part of the attack chain is the connection out to malware command. This is done by the creation of a payload that uses the web delivery module of Metasploit. I acquired and uploaded these Scriptors to Malware Bazaar for your enjoyment:
Note that if either are blocked (contained) the CVE’s just will not work. So although the CVE’s are correct in that Comodo’s Manifest File Handler can potentially be exploited, the actual exploit in reality may be very difficult to implement indeed.
So although a person may or may not want to use Comodo, make sure the decision is not based on uninformed drivel.
(forgot to add that the scripts are heavily obfuscated and contain a Base64-encoded PowerShell command. Upon decoding the command, the scripts are designed to download and execute content from a remote server (long since dead). The script uses powershell.exe with the -nop and -w hidden flags to run the encoded command without displaying a window, thus attempting to conceal activities. The decoded PowerShell command configures a web client to download content from a specified URL and then executes it. The URLs (hxxp://192.168.58.192:8080/OFO8GUCBsT/rqCtAc and hxxp://192.168.58.192:8080/OFO8GUCBsU) is a command and control (C2) server.)
I understand some of this, but certainly not enough to draw a definitive conclusion. I lack in-depth knowledge.
Is Comodo CIS still safe in 2025?
The following still applies to me. STILL!
I am and was protected by comodo, have never had any problems etc.
And I am not an isolated case, but a multiple person:
PCs, laptops, all versions of Windows, various programs - that’s 99 people in one - and all were protected by comodo.
What I understand exactly is:
In simple terms: It is extremely difficult to inject malicious code into Comodo and:
Comodo’s antivirus is outdated or unreliable.
The firewall and sandbox, however, are reliable (this also applies to the unpaid version of Comodo, especially with regard to containment). I’m certainly not interested in the money. These doubts exist, but @cruelsister has already reduced them considerably. I like Comodo, but I value security even more. Norton, for example, achieving 100% in tests, above the industry average.
This site seems to be fairly neutral. I’m trying to cement my (still) trust in Comodo’s security.:
Comodo Firewall review last updated April 21, 2025
Award-winning anti-malware protection that doesn’t cost a penny
The internet is so full of malicious software that it’s not a matter of whether an unprotected PC will get infected with something serious; it’s a matter of how quickly it’ll happen.
…Comodo…blocks malicious software from getting onto your PC, and if there’s already malware on your PC it stops it from …offers safe web browsing and it works on the basis of what’s called Default Deny Protection with Default Allow Usability. In plain English, that means it assumes unknown software is guilty until proven innocent.
Final verdict
All things considered, Comodo Firewall is a capable device protection system that, for the most part, is free to use, exceptionally easy to navigate but complex enough so those who wish to tinker with the more detailed settings and configurations can freely do so. …combining it with Microsoft Defender or a similar solution might be the best course of action.