Hotfix for Comodo Client Security 2019-05-06

Hello everyone,

We would like to inform you that all the work and tests are completed and we will have a hotfix over Comodo Client Security with version number 11.2.2.7373 on Monday (2019-05-06) in the morning. You can update your endpoints via Auto-update or manually on Endpoint Manager->Device List, as usual. We kindly remind you to check the Default Client Version settings in Portal Set-up before updating your clients.

Root Cause & Bug Fix:
The root causes for these issues are identified as incompatibilities between network architecture and the recent improvements on Firewall module architecture. This issue is fixed with this release.

Best regards,

Comodo Cybersecurity Team

Good update and nice reminder about the new version setting which could stop you deploying this update.

Can you clarify please… so the latest EM client is a requirement prior to updating the CCS to 11.2.2?

Hi @Ed_Johnson , the latest CCC is not needed, but you need to make sure inside Endpoint Manager you did not configure the latest version for deployment to be anything but the default latest option.

Hope that makes sense

For anyone now trying to update to this release 11.2.2.7373 who has previously set their portal to an earlier release (Default Client Version settings in Portal Set-up), you need to specifically choose ‘latest 11.2.2.7373’ and not just ‘11.2.2.7373’ on the list of versions. This has been reported as a bug to development.

I’m guessing the bug is choosing “Latest 11.1.xxxx” did not update to “Latest 11.2.xxzz”

You need to choose the same version from the list but with the latest prefix.

ok. so today we’ve had two devices so far auto update… and are showing 11.2.2.7313. The ones we forced to update manually yesterday to the latest version updated to 11.2.2.7373.

Until this point all devices were running 11.1

Could obv be a couple of devices that had’nt been rebooted since the 11.2 problems but still a little worrying as it happened today.
.
Edit: I forced the 2 rogue devices to manually update and they have updated successfully to 11.2.2.7373

Still have the majority of devices to update automatically so will monitor.

Hello everyone,

Where can we download the latest 11.2.2.7373 version ‘CIS_x86.msi’ and ‘CIS_x64.msi’ packages? I have tried to download from the usual paths, https://cdn.download.comodo.com/itsm/ and https://download.comodo.com/itsm/, but the MSI packages available there are still version 11.1.0.7259.

Thanks a lot in advance!

– Javier Llorente
Devoteam - Endpoint Security

Hi Javier

Is that the installer for just Comodo Client Security? I was told there wasnt any way to install CCS except via the bulk installer bundled with the Endpoint manager. That would help in installing onsite to devices that already have EM installed.

Regards

Ed

Hi Ed,

If your endpoints have the Endpoint Manager Communication Client already installed, then the best way to deploy the Security Client is to do it from the EM Console. The ‘CIS_x86.msi’ and ‘CIS_x64.msi’ files are indeed the installation packages for just Comodo Client Security, but they don’t include any signature file and they must be installed silently. We use them just for the initial deployment of the computers, we have a script to install it in the final steps of the MDT Task Sequence.

Check the “VBScript to install CCC, CCS and the initial Antivirus Database on desktops/servers using different options” script in the script library and take a look at the script documentation in the Wiki, there is a lot of interesting information there to help you make your own deployment script, including the URLs to download the CCS installers that I posted above.

Hope this will help you. :slight_smile:

Best regards,
– Javier Llorente
Devoteam - Endpoint Security

This update is breaking Cisco AnyConnect VPN AGAIN!!!

@MTekhna ,

We have created an escalation ticket in regards to your report. Please check your forum registered email for further investigation.

@Jimmy where is @melih ? It’s crazy that we’re going on 3 years as a paid customer and we haven’t had a year free of major issues caused by this software. Essentially we’re paying to beta test bugs. This is beyond escalation triage and response. There’s something fundamentally flawed in the process and/or the people. Whatever it is it’s going to cost you business. I’m tired of dealing with Comodo caused IT issues.

@MTekhna ,

We understand the urgency of your request. We have noticed that our support team have sent an email April 25th and haven’t gotten a response to troubleshoot the issue. We have just sent a follow-up email on your urgent case. We deeply regret this occurrence. Our Product Development team are also in tuned-in in investigating your report.

As long as you chose the “Latest xxx” option that will be updated as Comodo release.

Hi @MTekhna , we understand your pain. First of all let me reach out to say Comodo are doing their best on this, but we agree that the firewall is a major issue with the system.

@melih is the main man ad in owner, and I speak to him very regularly and is always making resources available to solve major issues like this.

Unfortunately with the firewall, everytime they solve the bugs ready to improve it MS change the way the NIC and firewall drivers work putting us back to none working.

I know the main tech guys like @fatih do not like the idea, but please disable your Firewall so you can get things working again straight away.

I’ll see what I can do to help from our end for you, but I cannot guarantee results.

The requested information has been uploaded. There was initially no facility provided to transmit the data to you when it was first collected. They provided the SFTP option some 10 days after the incident. But how is it Comodo software causes an emergency for me and in addition to having to try to put out the fires I also have to collect the data for you to figure out what you did to break the functionality of our system and hopefully provide me a solution that I then have to implement? Using your software is creating far too many unnecessary headaches and extra work for me.

We requested a script to do this from the portal a while ago now, and I can say it works very well.

All you should have to do is run this on the required devices and supply the names of the devices and they can find it from their FTP as needed.

If you have provided the logs they are normally very good at getting back to you quickly.

So where are we with this? My team spent 10 hours today going PC to PC disabling the firewall for users for all sorts of clients. Hundreds of PCs.

My suggestion is some sort of inet test pop up for the user to go through the disabling procedures that we would try during normal course of response. Just like the pop up if the security helper service is not running and offer to fix this issue.

Seems like we could get around these types of issues by simply building in a rollback feature for an update that a user could invoke without inet connectivity and another for trying to disable the firewall driver and then ask yes or no to user just like any MS troubleshooter imho.

Most apps have some sort of self healing options for users based on the app type it is. PC Security = app not work or inet not working. Just some thoughts here going forward about how to fix this rather then fixing the bug persay. When you have options to go back when stuff like this happens then it’s not nearly that impacting.