UA alerts are password protected & you cannot switch this off [M376] [v6]

THE BUG/ISSUE:

  1. Summary: Topic subject.
  2. Can U reproduce the problem & if so how reliably?: Yes. All the time.
  3. If U can, exact steps to reproduce. If not, exactly what U did & what happened:
    A. Open CIS advanced settings and set any password.
    B. Get any unknown file and execute it so you will get the alert from the BB.
    C. On the execution of any file requiring elevated privilege access with detect installers switched on you will get an alert from the BB.
    D. If you select/click on any action such as: run limited, run unlimited or block you will get a notification from CIS saying ‘enter password’.
    E. You put your password in.
    F. Only after the password input the action takes place such as run limited, run unlimited or block.
  4. If not obvious, what U expected to happen: Don’t get asked for the password.
  5. If a software compatibility problem have U tried the conflict FAQ?: N/A
  6. Any software except CIS/OS involved? If so - name, & exact version: No
  7. Any other information, eg your guess at the cause, how U tried to fix it etc: No. I keep my password disabled from now because of this issue I can’t use this option.
  8. Always attach: Find attached diagnostics file and watch activity process list. If complex: N/A.

YOUR SETUP:

  1. Exact CIS version & configuration: CIS 6.1 Build 2801, Proactive security.
  2. Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV: HIPS=Disabled, BBlocker=Untrusted, Firewall=Safe, AV=Enabled with the cloud.
  3. Have U made any other changes to the default config? (egs here.): Yes. AV set to high heuristics. Firewall have advanced options selected apart from IPv6 traffic. Blocked incoming connections.
  4. Have U updated (without uninstall) from CIS 5: No.
  5. if so, have U tried a a clean reinstall - if not please do?: N/A
  6. Have U imported a config from a previous version of CIS: File configuration got saved from 6.0 to 6.1 during the update.
  7. if so, have U tried a standard config - if not please do: Yes.
  8. OS version, SP, 32/64 bit, UAC setting, account type, & virtual machine used: Windows 7, SP1, 64bit, UAC=on, admin, VM not used
  9. Other security/sandbox software a) currently installed b) installed since OS: a) EMET 3.5, Zemana Antilogger, Malwarebytes PRO, Trusteer Rapport b) No

[attachment deleted by admin]

Thank you very much for your bug report in standard format. We very much appreciate the effort you have made to document this bug.

We are sorry to trouble you further but there are some items of information missing or unclear in your post:

  • You ‘Watch activity’ process list
  • Your CIS diagnostics file
  • Could you please list out the information you give under steps to replicate, making sure you say exactly what you are doing

The reasons we need these items of information, though they may not seem directly relevant to the issue are explained here.

We would be very grateful if you would add these items of information so we can forward this post to the format verified board, where it is more likely to get fixed. You can find assistance using red links in the Format and here. If you need further help please ask a mod. If you do not add the information after a week we will forward this post to the non-format board. If this happens we will tell you how to rectify this if you wish to.

In the current process we will normally leave it up to you whether you want to make a report which includes all necessary information or not. We may remind you if we think a bug of particular importance.

Many thanks again

Mouse

Requirements discussed by PM and OP is deciding whether to post requested information

Thank you. I’m aware. I edited it again because it’s not ready as I’m waiting for somebody to back me up about this issue… :slight_smile:

Well thank you, just wanted to file a bug report about exact same issue, but you done it first. :slight_smile:
I confirm the bug, same here. And I’m switching back to old vers. The current build is buggy.

Regards RealNature,

Same here, I too confirm the bug

THanks for replication guys very helpful

Mike

Could someone please post a diagnostics file and a watch activity process list please. If not Seany, please post it with Part B of the bug report.

Many thanks in anticipation

Mouse

I am not convinced this is a bug and not done by design.

Previous versions have a ‘Suppress Alerts’ for password protection and automatically block any alerted action.
This has been removed from V6, therefore alerts will still be shown with V6.

The password creator will still be able to answer these alerts, but any other user (Possibly inexperienced) will not be able to in case they choose run/allow a malicious action.
I would kind of imagine this is by design for system protection, now that ‘Suppress Alerts’ has been removed.

If it is by design then a very bad design & should be changed.

It affects usability in a way & breaks password protection feature i.e to avoid it you have to disable password protection.

Wait to see what others say, but I think an option to disable password requirement for alerts could be something for the wishlist.

This design is simply a waste i.e…

If you know how to reply alerts then this design (password for unknown alerts) is simply a hindrance affecting usability

& if you want to prevent others installing unknown things then too this design is a hindrance affecting usability i.e why ask them for password if they dont have it, a simple block unknown option with notification serves the purpose.

Interesting thought, if so, logically, user would essentially be being restricted to normal user privs plus a bit?

Did not realise the CIS 5.x password protection had that facility

Best wishes

Mouse

I guess it could be viewed as such.
I am only guessing but I imagined requiring a password was an addition (A replacement for suppress) so that anyone knowing the password could still have functional alerts, this would be an alternative to suppressed alerts which in turn took away all alert options from all users.
IMO the idea of suppressing alerts to protect the system from unauthorised options is more restricted than password required alerts with selectable options still available.

Did not realise the CIS 5.x password protection had that facility.
[url=http://help.comodo.com/topic-72-1-284-3062-How-To-Password-Protect-Your-CIS-Settings.html]Password Protect 5.9/5.10[/url]

Ta Captain. Interesting observation.

Less restrictive - good point - but more worrying maybe… More hassle for admin. Wonder if ESM has this?

Would someone from QA Please clarify? (Will also try Ymalyi on Monday)

So can anyone confirm this if it’s a bug or not? And if it’s not why CIS 6 only have it now in the new version and not previous? Who wanted this? It’s very annoying in my view and impractical.

I still think it’s 99% bug… Comodo staff? Anyone?

I too think its a bug.

OK will wait till say Tuesday for reply from QA, after PMing them on Monday.

If no reply will forward to verified if the additional requested information is appended, otherwise regrettably to non-verified. If anyone other than Seany wants to append that information, please append it with part B of the bug format.

Many thanks in anticipation

Mouse

Thank you. Yes let’s see. Somebody also didn’t got back to me yet about this issue. If we get no reply/info about this I will add things which are needed to submit this bug report and we can go ahead.

Edit: In red ???

Just to save you appending it :slight_smile: