Unable to install MSI packages in Sandbox under "Proactive Security" cfg [M1482]

A. THE BUG/ISSUE (Varies from issue to issue)

Can you reproduce the problem & if so how reliably?:
Yes, every time.

If you can, exact steps to reproduce. If not, exactly what you did & what happened:

  1. Try to install any msi-package in the virtual space (Comodo Sandbox)
  2. Get an error message

One or two sentences explaining what actually happened:
Error reading from msi-file

One or two sentences explaining what you expected to happen:
There should be no error while installing MSI package.

If a software compatibility problem have you tried the advice to make programs work with CIS?:

Any software except CIS/OS involved? If so - name, & exact version:

Any other information, eg your guess at the cause, how you tried to fix it etc:

Exact CIS version & configuration:
Configuration: Proactive Security

Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:

“Do not show antivirus alerts”: disabled

Safe Mode
“Create rules for safe applications”: disabled

Auto-Sandbox: Enabled, default rule set
Firewall: Safe Mode

Have you made any other changes to the default config? (egs here.):
No changes

Have you updated (without uninstall) from CIS 5 or CIS6?:

Have you imported a config from a previous version of CIS:

OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
Win7x64SP1 (VMware), Admin, UAC is enabled

Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
a=None b=None

[attachment deleted by admin]

Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.

Developers may or may not communicate with you in the forum or by PM/IM, depending on time, availability, and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.

Many thanks again.

[at]kibinimatik, I’ve been informed that the sample you’ve provided is corrupt and does not install outside of sandbox. Could you kindly provide another one?


[attachment deleted by admin]


New sample must be correct.

[attachment deleted by admin]

I’ve updated tracker data.

Thank you.

Unable to reproduce the issue (as you can see in the attached screenshot). Tested with : Win 7 x64, Win 8 x64, Win 8.1 x64 and Win 10 x64 (10130 build).

Please provide additional information.

[attachment deleted by admin]

This bug appears when the settings tab “Protected Objects” > “COM Interfaces” contains the item “LocalSecurityAuthority.Shutdown”.
So is by default in the configuration Proactive Security. I have noted this configuration in the report.

MSI packages can be installed in the virtual environment when the interface “LocalSecurityAuthority.Shutdown” is not protected (as in the config. “Internet Security”).

See the attachment.

[attachment deleted by admin]

I’ve linked you post in the tracker & edited bug report title.


Can confirm on having LocalSecurityAuthority.Shutdown in the protected COM interfaces prevents an installer with the msi file extension that requires that privilege will fail the installation process when ran fully virtualized e.g. the MSI installer for 7zip.

This is fixed in the leaked CIS beta.
Many thanks to developers!

In that case, I will move this one to “Resolved” section.
Thank you.