A. THE BUG/ISSUE (Varies from issue to issue)
Can U reproduce the problem & if so how reliably?:
Yes, Every time.
If U can, exact steps to reproduce. If not, exactly what U did & what happened:
1: I’ve made several (non-malicious) simple test applications named : winmove-test, resize-test, class-test, transparency-test.
winmove-test and resize-test will try to to find window title "COMODO Internet Security Premium " so it can tamper with the window (modify position outside the desktop screen, resize window to 800x800px).
class-test will try to find the window class “CisMainWizard” and set to position (0,0) affecting alerts, windows, etc (not just the main gui).
transparency-test will try to find the window class “CisMainWizard” and set transparency 0 affecting alerts, windows, etc (not just the main gui). Screen color must be greater or equal to 16-bit.
2: Run a test application in sandbox under certain restrictions (check additional information section). Please note, main gui must be launched for most of these tests to work correctly/as expected.
One or two sentences explaining what actually happened:
winmove-test will move CIS main gui outside the desktop ;
resize-test will modify CIS window to 800x800px (check attached picture: resized_800x800.png) ;
class-test will move window to position (0,0) ;
transparency-test will set transparency to 0 (invisible).
Conclusion : Malicious applications can be made using these techniques that could leave the user with inability to make a choice.
One or two sentences explaining what you expected to happen:
CIS should be secure by design/default- restrict sandboxed applications to interfere with the gui or/and make it stealth to the sandbox.
If a software compatibility problem have you tried the conflict FAQ?:
N/A.
Any software except CIS/OS involved? If so - name, & exact version:
N/A.
Any other information, eg your guess at the cause, how U tried to fix it etc:
winmove-test , resize-test , class-test = affects CIS only under “Partially Limited” restrictions.
transparency-test = affects CIS only under “Partially Limited”, “Limited” restrictions.
I’ve attached a picture of “main gui” named main_gui.png just to clear out confusion.
B. YOUR SETUP
Exact CIS version & configuration:
7.0.317799.4142
Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
N/A.
Have U made any other changes to the default config? (egs here.):
N/A.
Have U updated (without uninstall) from CIS 5 or CIS6?:
N/A.
if so, have U tried a a a clean reinstall - if not please do?:
N/A.
Have U imported a config from a previous version of CIS:
N/A.
if so, have U tried a standard config - if not please do:
N/A.
OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
OS: Windows 7 Home Premium 64-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.140303-2144)
UAC: Disabled
Account type: Administrator
V. Machine: Not used
Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
a=N/A. b=N/A.
[attachment deleted by admin]