Can U reproduce the problem & if so how reliably?: Yes. All the time.
If U can, exact steps to reproduce. If not, exactly what U did & what happened:
A. Open CIS advanced settings and set any password.
B. Get any unknown file and execute it so you will get the alert from the BB.
C. On the execution of any file requiring elevated privilege access with detect installers switched on you will get an alert from the BB.
D. If you select/click on any action such as: run limited, run unlimited or block you will get a notification from CIS saying ‘enter password’.
E. You put your password in.
F. Only after the password input the action takes place such as run limited, run unlimited or block.
If not obvious, what U expected to happen: Don’t get asked for the password.
If a software compatibility problem have U tried the conflict FAQ?: N/A
Any software except CIS/OS involved? If so - name, & exact version: No
Any other information, eg your guess at the cause, how U tried to fix it etc: No. I keep my password disabled from now because of this issue I can’t use this option.
Always attach: Find attached diagnostics file and watch activity process list. If complex: N/A.
Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV: HIPS=Disabled, BBlocker=Untrusted, Firewall=Safe, AV=Enabled with the cloud.
Have U made any other changes to the default config? (egs here.): Yes. AV set to high heuristics. Firewall have advanced options selected apart from IPv6 traffic. Blocked incoming connections.
Have U updated (without uninstall) from CIS 5: No.
if so, have U tried a a clean reinstall - if not please do?: N/A
Have U imported a config from a previous version of CIS: File configuration got saved from 6.0 to 6.1 during the update.
if so, have U tried a standard config - if not please do: Yes.
OS version, SP, 32/64 bit, UAC setting, account type, & virtual machine used: Windows 7, SP1, 64bit, UAC=on, admin, VM not used
Other security/sandbox software a) currently installed b) installed since OS: a) EMET 3.5, Zemana Antilogger, Malwarebytes PRO, Trusteer Rapport b) No
Thank you very much for your bug report in standard format. We very much appreciate the effort you have made to document this bug.
We are sorry to trouble you further but there are some items of information missing or unclear in your post:
You ‘Watch activity’ process list
Your CIS diagnostics file
Could you please list out the information you give under steps to replicate, making sure you say exactly what you are doing
The reasons we need these items of information, though they may not seem directly relevant to the issue are explained here.
We would be very grateful if you would add these items of information so we can forward this post to the format verified board, where it is more likely to get fixed. You can find assistance using red links in the Format and here. If you need further help please ask a mod. If you do not add the information after a week we will forward this post to the non-format board. If this happens we will tell you how to rectify this if you wish to.
In the current process we will normally leave it up to you whether you want to make a report which includes all necessary information or not. We may remind you if we think a bug of particular importance.
Well thank you, just wanted to file a bug report about exact same issue, but you done it first.
I confirm the bug, same here. And I’m switching back to old vers. The current build is buggy.
I am not convinced this is a bug and not done by design.
Previous versions have a ‘Suppress Alerts’ for password protection and automatically block any alerted action.
This has been removed from V6, therefore alerts will still be shown with V6.
The password creator will still be able to answer these alerts, but any other user (Possibly inexperienced) will not be able to in case they choose run/allow a malicious action.
I would kind of imagine this is by design for system protection, now that ‘Suppress Alerts’ has been removed.
If you know how to reply alerts then this design (password for unknown alerts) is simply a hindrance affecting usability
& if you want to prevent others installing unknown things then too this design is a hindrance affecting usability i.e why ask them for password if they dont have it, a simple block unknown option with notification serves the purpose.
I guess it could be viewed as such.
I am only guessing but I imagined requiring a password was an addition (A replacement for suppress) so that anyone knowing the password could still have functional alerts, this would be an alternative to suppressed alerts which in turn took away all alert options from all users.
IMO the idea of suppressing alerts to protect the system from unauthorised options is more restricted than password required alerts with selectable options still available.
Did not realise the CIS 5.x password protection had that facility.
So can anyone confirm this if it’s a bug or not? And if it’s not why CIS 6 only have it now in the new version and not previous? Who wanted this? It’s very annoying in my view and impractical.
OK will wait till say Tuesday for reply from QA, after PMing them on Monday.
If no reply will forward to verified if the additional requested information is appended, otherwise regrettably to non-verified. If anyone other than Seany wants to append that information, please append it with part B of the bug format.
Thank you. Yes let’s see. Somebody also didn’t got back to me yet about this issue. If we get no reply/info about this I will add things which are needed to submit this bug report and we can go ahead.