Have U updated (without uninstall) from a previous version of CIS:No.
[li]if so, have U tried a a clean reinstall - if not please do?:N/A.
[/li]- Have U imported a config from a previous version of CIS:No.
[li]if so, have U tried a standard config - if not please do:N/A.
[/li]- Have U made any other major changes to the default config? (egs here.):No.
OS version, SP, 32/64 bit, UAC setting, account type, & virtual machine used :Win 7, No SP, 32Bit, UAC off, Admin, No VM.
Other security & sandbox software a) currently installed b) installed since last OS install:Previous versions of CIS.
Seems to be with all functions that run of an .exe…
i tried killswitch samething. i guess they need a global exe or shorcut deny with password enabled.
Im on Windows 8 x64 with UAC off. Same thing. Glad this was found early. could be fashioned in some form as an exploit obviously…
Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.
Developers may or may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.
This bug is partially fixed.
Password is no longer bypassed from the widget as stated in A-4-3 (Fixed).
Password can be bypassed from the widget to open kill switch via the running in sandbox button, which I am not sure if this happened previously or not.
Password can still be bypassed to open kiosk from a desktop shortcut or direct from the virtkiosk.exe file.