When and why?

Want to ask a question and tell you guys how disappointed I am in how you have handled the CCS fiasco.

When can we expect to hear from Itarian/Comodo about this?
Why didnt Itarian/Comodo notify us about this?

Frankly, this is a huge trust issue and Itarian has lost my trust.

You release CCS 12.7 and its a huge failure, instead of notifying its clients you dont say a word and pull the version.
I spent hours troubleshooting this fiasco and Im sure Im not the only one.

You want us to use Itarian as our AV and security provider but will not tell us whats going on, that does not work in real life.

I would like to hear from the company a good explain why you allowed this issue to become such a huge fiasco.
You owe your customers a huge apology.

Waiting to hear from you Melih, its time to act like a real security company.

@smartcloud I don’t know how many endpoints it managed to install on your systems, but even as I type this I have yet another one to remove and reinstall because it is a reckon accounts user, or turn off containment with another profile push out.

Yes, they have been far too quiet and should have sent us an alert via email as soon they had been aware of the issues, and a proper auto rollback/fix option.

It would have been nice to be informed on how to pull a useful report listing endpoints with reckon and the 12.7 installed, somehow I don’t think this is possible from what I can see,

Having clients calling up for this on top of the MS update crap, a report listing the KB and installed printers would have saved a ton of time.

I’m personally still using other rmm and security products with some clients, so running a mixed bag and they all have “some” issues, however the help and support along with requested features that actually roll out leave our offering here way behind.

I like the itarian platform, but progress/upgrades seem very slow and the forum appears to be our only real point of contact.

Perhaps we should all be sending emails to support@ and not on the forum as some questions get very little or no responses.


This is the user count as I type, the forum should be very active, but I suggest most are just logging in and not active.

There are currently 198 users online. 13 members and 185 guests.

Most users ever online was 13,926 at 08:24 AM on 03-29-2020.

@ilgazy can you give some input here, please?

You can see the devices with 12.7 installed by clicking dashboard/audit
there you see the graphs.
click the 12.7 link in the security client graph.

My post is not about the product its about communication.
We have like 300 devices or so but wouldnt really matter if we had 50.

Its pretty poor that we dont know that 12.7 had problem and they pulled it.
There are zero communication from Itarin regarding this type of issues.
This is not the time to “hide” your issues, consider how the industry sees Solarwinds and Ubiquity now.

Im really curious why Itarian does not do a better job communicating this stuff with its customers.

We had quite a few endpoints effected by this issue. The very first thing we did was log a ticket with support@ when we realized the issue was directly related to the 12.7 version of CCS. We were already disabling auto containment as a temporary fix.

They asked us to grab information from one of our customer’s effected endpoints so they could analyze the data. I got that submitted to them and waited…24 hours or more, which I’m okay with but then I posted another reply stating my intention to do a VMware conversion copy of one of the impacted endpoints since I tried installing all software on a test VM from scratch and not being able to duplicate the issue with 12.7. I got a reply back stating that they knew what the issue was. That told me I didn’t need to take time out to duplicate the issue by making an exact clone of an impacted endpoint.

I would like an explanation of what the heck happened. It seems to me like the CCS agent began totally ignoring all settings from the assigned profile and started auto containing all kinds of critical system files that impacted QuickBooks (the first app we began seeing issues with) along with Citrix client and a couple of others. Not sure what the common denominator between impacted apps was or why I couldn’t duplicate it on a clean VM by installing QuickBooks and 12.7 CCS together and setting up a test company file.

The primary reason we use ITarian is because of the auto containment. It’s hands down the best thing out there for protection from unknowns. It would help if there was a centralized system status page where these things are published that we can quickly reference for near real-time updates on known issues and impacted services and corrective actions to take. In another thread it said they were testing a fix and might have it released last week. I haven’t been able to find any other status updates since then on where we are at on things.

I see there is an update finally https://forum.itarian.com/forum/products/preview-section/62512-hotfix-for-comodo-client-security

BUT this announcement is not emailed directly to me as I did not lodge a ticket, just on the forum.

However, it is not (yet) even on the banner during login, as is the case with major updates?

The banner should at least be used for these types of notifications, and warn about possible issues as reported, advise on hotfixes and/or link to the forum pages so we can do our due diligence.

If we just close the banner then it is on us, if they don’t advise it is on them.

@smartcloud - I use the audit and last count was about 60 + endpoint still on 12.7, but to my knowledge (or not knowing how) on its own we cannot do much with it.
A report listing these endpoints, wiith a criteria such as inc software “has citrix”, “has reckon accounts” etc would have enabled us to pull or react much faster before my clients starting calling.

The same method with a patch report and optional criteria - printers installed, would have been a real game-changer with the MS stuff up, even though this platform could not apply the patch KB.


@mcfproservices Sad I have to learn that there is an update out from you and not from Itarian.
Not a single response from them regarding this.

Will have to seriously rethink using Itarin after this.
The CCS mistake is one thing but the lack of communication in a matter like this is just totally unacceptable and extremely unprofessional.

Hello everyone,

First of all, we are very sorry for the inconvenience caused by latest version of CCS ( We announced that there was a problem on CCS on other topics before.



The root cause of this issue was some trusted applications that are using virtualization technology like Citrix, QuickBooks, ShipGear are contained despite containment rules.

We were doing our best to solve the issue quickly and informed right after the fix is confirmed. The fix is now confirmed and we will be releasing a new version today (04/07/2021 Tuesday at 6:00 AM GMT). Please check out https://forum.itarian.com/forum/prod…rity#post62512 for the release announcement. The announcement is also available on the ITarian Portal Notifications section and can be seen on Announcement Banner on top.

But you are right, we should have communicated this issue much better, to inform at the time the issue was discovered and decided to pull back the latest version, and we are truly sorry about the miscommunication.

We are doing our best to help you grow your business at all times, and we will ensure that such communication issues will never occur again.

Best regards,

I’ve just looked at the status page and there is a message about the release on it too.

Thank you guys! Just waiting for the 12.7.1 version to roll out to our endpoints so we can re-activate auto containment on those devices.

Update: Well, I had uninstalled the 12.7 and pushed our script to install the 12.6 version after switching them to a profile where that is the latest version supported but it did the 12.7 version again so I figured I would test it again and it appeared to work the second go around. I am waiting to see if the issue resurfaces or if we just had an issue with things not entirely up to date.

Has anyone else tested this with Citrix yet? I have an endpoint that uses Citrix with CAC cards and I am finding myself rolling it back to the 12.6 version because anything above that is still breaking Citrix for them. Specifically Citrix Workspace 2010.