Announcement Regarding Recent Vulnerabilities

Related with the vulnerabilities announced by an analyst from Tenable, there have been no reported incidents exploiting any of these vulnerabilities and no customers reporting related issues to us. With the investigation conducted after the initial notification to us, it has been identified that the vulnerabilities affect only the Containment layer of the product, and other security features are not affected. The security layers of our product ensures that our customers are still protected. Regarding these vulnerabilities, Comodo product team has been working diligently to resolve all vulnerabilities from the start and all fixes will be released by Monday, July 29.

Further notifications regarding the release will be communicated through Forum, the portal and e-mail.

Product Team

Thank @Can for the update, this is why a layered approach is recommended but this is good information and I look forward to Comodo’s patches for this.

@Can Presumably this vulnerability is present is all Comodo anti virus versions: consumer/free and MSP (Comodo Client Security)?

Hi @nct ,

Yes, the consumer version has the same condition as well. Necessary announcement for that will be made in proper channels.


@Can Is there a way of patching older versions of CCS?

I ask as we are not deploying the latest two versions due to known issues across the forums.

We consulted the development team, @StrobeTech, and with the last two versions of CCS released, it it safe to update the endpoints directly from the EM with the latest release (v11.4.0.7655). You may want to check this forum post where Ed_Johnson shared his experience with the update.

I shall check out the post as still not upgraded

Hi @StrobeTech , I’ve upgraded most of my endpoints without any issues at all to the latest release.

We have started upgrading ours now that we have had more time to test

We’ve not knowingly encountered any issues with the 11.4 release and I’ve been running pre-release versions of 11.5 for a week or so on a few machines of my own.