Announcement

Collapse
No announcement yet.

JUST HAPPENED - COMODO Firewall kills NIC after Windows 10 update

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • JUST HAPPENED - COMODO Firewall kills NIC after Windows 10 update

    WARNING: I think something in the recent WIN 10 update Borked the Comodo Firewall.

    BACKGROUND:

    I have a virtual PC running Win 10 pro. It is on the ITARIAN RMM and Comodo security. It received a major update and I rebooted it late yesterday. After coming back up, it would not connect to the internet.

    PROBLEM:

    In troubleshooting, I noticed it had no default gateway. But setting it manually did not work. It set back to blank every time I closed the window. I tried a winsock reset and reboot several times, looked for driver updates for the hyper-V NIC, even tried the old svr 2008r3 trick of setting it to DHCP and back. No joy.

    SOLUTION:

    Then I noticed the "COMODO Internet Security Firewall Driver" checked enabled in the properties of the NIC. So I disabled it and it let me reset the IP settings and everything is working OK now.

    Thanks.

  • #2
    There is a link posted about this.. error with the latest version of CCS you have to uninstall 11.2 and role back to 11.1. Disabling the firewall will also stop the error as a temporary fix.

    Comment


    • #3
      Hello nnsit Ed_Johnson ,

      Yup, there is. You can find the details in this post: https://forum.itarian.com/forum/prod...y-v11-2-0-7313

      If the agents on your endpoints have been updated to the latest version and then your customers started to experience these problems, I suggest you to downgrade them and check the environment. You can follow the steps in this wiki

      KRegards,
      Jay
      ITarian Staff

      Comment


      • #4
        Firewall in latest update breaks things.

        https://forum.itarian.com/forum/prod...our-experience
        Robin
        Director
        Strobe Technologies Ltd
        https://www.strobe-it.co.uk/

        Comment


        • #5
          Sad you found out about this problem from personal experience and not from a notice that Comodo sent out.
          Cant understand why Comodo refuse to notify its clients about this kind of major issues.

          Comment


          • #6
            Just had this happen on another client machine. So annoying. Comodo needs to PUSH out an update ASAP. not just make it available, but actively push it out to all available clients.

            Comment


            • #7
              Hello nnsit,

              We have created a support ticket for you regarding on this case. Please reply at your convenience.

              Thank you for your patience and understanding on this matter.

              Comment


              • #8
                Originally posted by nnsit View Post
                Just had this happen on another client machine. So annoying. Comodo needs to PUSH out an update ASAP. not just make it available, but actively push it out to all available clients.
                Various people have already informed you that 11.2 has a recall. I imagine you'd already pushed out 11.2 for an upgrade and the machine has been off until now.. What you need to do is monitor your dashboard for any instances of 11.2 and immediately remove them. Not really Comodos fault as you're fully aware of the problem.

                Comment


                • #9
                  I have had this problem many times, even with older versions. I am also having to disable it on many systems, as it seems to also cause sporadic issues with many 3rd party software applications, and even connecting to different networks. I had to disable it, just so a user could connect to a WiFi!! I also noticed, that with the last release, when you disable it, it puts an X on your AV icon, and says that the driver has been disabled. Horrible in my opinion.

                  Comment


                  • #10
                    Originally posted by Ed_Johnson View Post

                    Various people have already informed you that 11.2 has a recall. I imagine you'd already pushed out 11.2 for an upgrade and the machine has been off until now.. What you need to do is monitor your dashboard for any instances of 11.2 and immediately remove them. Not really Comodos fault as you're fully aware of the problem.
                    In my opinion, it is Comodos fault, it is their software that is acting up. I was not aware of the issue, because I do not get on the forum much, due to the horrid response times. So I might ask, if the issue is not comodo's fault, then who's is it?? I can believe it could be a Microsoft issue, as their updates break a lot of stuff, but do not really see how you can blame it on the technician. Like I said, I have had this problem many times, starting a year or so back, and I would be inclined to think that Comodo would have the issue fixed. I am not saying that it is the same issue, as it did work for some time, but the issue is software related!!

                    Comment


                    • #11
                      BOSS ,

                      We deeply understand its impact on MSPs across and our Developers are putting more additional information as well, via status page, this forum community and the portal's news and notifications. Our Product Management Team are working on all efforts making new information and notification available by all means. You can rest assured that these inputs are very much appreciated and forwarded transparently to all areas concerned.

                      Comment


                      • #12
                        Originally posted by BOSS View Post

                        In my opinion, it is Comodos fault, it is their software that is acting up. I was not aware of the issue, because I do not get on the forum much, due to the horrid response times. So I might ask, if the issue is not comodo's fault, then who's is it?? I can believe it could be a Microsoft issue, as their updates break a lot of stuff, but do not really see how you can blame it on the technician. Like I said, I have had this problem many times, starting a year or so back, and I would be inclined to think that Comodo would have the issue fixed. I am not saying that it is the same issue, as it did work for some time, but the issue is software related!!
                        Hi BOSS ,

                        First of all, we are sorry for the inconvenience that caused by the latest CCS update. Even though each CCS version is tested extensively before the releases, such cases can show up on production. In such cases, we do everything to help our customers to remediate any further problems and to recover the issue as soon as possible. You are right about that the issue is not caused by the same defect, but the symptom looks similar on the endpoints. Engineering team is on the issue from the very first moment of its detection.

                        As mean of communication in such cases, we mainly rely on Forum and C1/ITarian Notifications. However, we have received yours and many other customers' feedback and have already started to discuss how we can improve this process for future incidents.

                        Starting from the announcement of the CCS hotfix that our teams are working, you will be notified through additional channels.

                        Thank you for your understanding,
                        -Can
                        Product Manager
                        Comodo Cybersecurity Team

                        Comment


                        • #13
                          Originally posted by BOSS View Post

                          In my opinion, it is Comodos fault, it is their software that is acting up. I was not aware of the issue, because I do not get on the forum much, due to the horrid response times. So I might ask, if the issue is not comodo's fault, then who's is it?? I can believe it could be a Microsoft issue, as their updates break a lot of stuff, but do not really see how you can blame it on the technician. Like I said, I have had this problem many times, starting a year or so back, and I would be inclined to think that Comodo would have the issue fixed. I am not saying that it is the same issue, as it did work for some time, but the issue is software related!!
                          Hi BOSS

                          When I said it wasnt Comodos fault.. what I meant was that once the notification had gone out via the forum AND within the Endpoint platform, any further problems are more likely down to lack of monitoring by the user. Itarian is an endpoint monitoring platform.. If you are providing an endpoint monitoring service to clients and not even bothering to read the warning notifications within the platform, how can you be offering any kind of decent service?
                          Last edited by Jimmy; 04-25-2019, 01:44 PM.

                          Comment


                          • #14
                            Originally posted by Ed_Johnson View Post

                            Hi BOSS

                            When I said it wasnt Comodos fault.. what I meant was that once the notification had gone out via the forum AND within the Endpoint platform, any further problems are more likely down to lack of monitoring by the user. Itarian is an endpoint monitoring platform.. If you are providing an endpoint monitoring service to clients and not even bothering to read the warning notifications within the platform, how can you be offering any kind of decent service?
                            I would agree with this statement, but the origin of the issue was in the comodo software. I understand that there will be issues, but this is a pretty major issue that was not detected until it hit production. It is done, and we are cleaning up after the problem, and I guess we can always delay deployment, but if everyone done that, no one would ever move up to the next release. I might add that we only had a small fraction of systems impacted.

                            Comment


                            • #15
                              Originally posted by BOSS View Post

                              I would agree with this statement, but the origin of the issue was in the comodo software. I understand that there will be issues, but this is a pretty major issue that was not detected until it hit production. It is done, and we are cleaning up after the problem, and I guess we can always delay deployment, but if everyone done that, no one would ever move up to the next release. I might add that we only had a small fraction of systems impacted.
                              Yeah.. I have to agree on that.. and admit that I spend a vast amount of my time since putting Comodo products on some of my clients, attempting to fix problems caused by CCS. Far too many to risk rolling it out to our less understanding clients. Just today I was requested to remove CCS by another IT company who had come in to install new Printers. They blamed the CCS firewall for interfering with their software. To prove that was not the case... I simply removed CCS via the comodo local removal tool and left them to continue.. when I tried to reinstall CCS I got an error that the firewall wasnt functioning.. a repair install failed to fix the problem and the error kept saying it couldnt replace newer files... This is a device thats never had 11.2 installed to my knowledge and was working fine with 11.1 until I unistalled it and reinstalled. I really wanted CCS to work for us but in 30 years I've never had so many problems with a security program.

                              Comment

                              Working...
                              X