Advice Request COMODO blocks Windows Updates with error 0x80070005

[TheMalwareMaster]

A big thanks to all you guys, it has been a pleasure to come back on this forum and find many people available to test this issue that I had since March 2025 with no solution

 

[cruelsister]

A big thanks to all you guys, it has been a pleasure to come back on this forum and find many people available to test this issue that I had since March 2025 with no solution

I suggested that you attempt my suggested setup for CF and not sure if you tried it:
Comodo Firewall 2025 Setup and Commentary

For this you must download CIS Premium installer, the link for which is in the video's description.

 

[Andy Ful]

I also disable the Microsoft Firewall through Group Policy and Microsoft Defender with Sordum's Defender Control.

Yes, this can change the way Windows Updates are installed. As a side effect, some failures can be avoided, but there is a risk that such a setup can trigger other problems.

Edit.
When the CIS AV module is disabled, Windows tries to activate Microsoft Defender. If disabling CIS AV is correlated with the update failure (like in my tests), enabling Microsoft Defender may be involved in some way. However, the cure with disabling Defender is too risky (In my opinion).
Let's hope that the Comodo vendor will solve the issue for users who applied CF + Microsoft Defender.

 

[rashmi]

Yes, this can change the way Windows Updates are installed. As a side effect, some failures can be avoided, but there is a risk that such a setup can trigger other problems.

I've been using the stated setup for years; I've never experienced a problem. Sordum's Defender Control may create issues, but it has worked every time as expected for me. The developer discontinued Defender Control because some users reported they couldn't reenable Microsoft Defender, but he couldn't reproduce the issue on his systems. Defender Control states "Couldn't start Defender" when you try to reenable it; you need a system restart to enable Defender.

 

[Andy Ful]

The developer discontinued Defender Control because some users reported they couldn't reenable Microsoft Defender, but he couldn't reproduce the issue on his systems.

It corrupted Microsoft Defender on my computer. I solved the problem by using Avast for some time, and after upgrading to the new Windows version and uninstalling Avast, Microsoft Defender was healed.

 

[rashmi]

It corrupted Microsoft Defender on my computer. I solved the problem by using Avast for some time, and after upgrading to the new Windows version and uninstalling Avast, Microsoft Defender was healed.

I've used it many times and still use it; I've never had an issue. The developer provides the download on Google Drive; I don't know if he updates it, but my download manager shows the date 12/24/2024.

 

[Andy Ful]

I've used it many times and still use it; I've never had an issue. The developer provides the download on Google Drive; I don't know if he updates it, but my download manager shows the date 12/24/2024.

It is ver. 2.1 from March 2022.

 

[TheMalwareMaster]

I suggested that you attempt my suggested setup for CF and not sure if you tried it:
Comodo Firewall 2025 Setup and Commentary

For this you must download CIS Premium installer, the link for which is in the video's description.

Will try, but I do no longer have a virtual machine, I'll need to wait for the next update

 

[Andy Ful]

I've used it many times and still use it; I've never had an issue. The developer provides the download on Google Drive; I don't know if he updates it, but my download manager shows the date 12/24/2024.

I disabled Microsoft Defender and used your config (did not disable Windows Firewall) with partial success:

The update was successful. However, Defender Control could not activate Microsoft Defender.
Anyway, we have two interconnected factors that can affect this update: disabled AV in CIS while Microsoft Defender is enabled. I hope that this information can help to solve this and similar issues with Windows Updates.

 

[Zero Knowledge]

Finally, the issue has been identified. It was not Firewall but AV. I ran the test twice with the same result (Install error - 0x80070005).
The reported tests show that enabling/disabling other modules (HIPS, Auto-containment, VirusScope, Firewall, Script Analysis, Website Filtering) did not cause the KB5067036 update error. But whenever one of the disabled modules was the Antivirus module, the update failed.

In fact, the issue is quite similar to that from the OP (the same update KB5067036 and the same error). In my case (last two tests), I used CIS Proactive config with disabled HIPS and AV modules, which is almost the same setup as the Comodo Firewall config in the OP. However, I did not use the silent setup, and all tests were run on the default Admin account.

I also ran two additional tests with the installed Comodo Firewall application (Proactive config with disabled HIPS), and the KB5067036 failed as in the OP.

It is strange, but all of this suggests that the active AV component's absence may be the cause of the issue in both CIS and Comodo Firewall.

There is a major issue with the KB5067036 update, it fails every time on install on my machine and I only have Hard_Configurator (paranoid extensions, LOLbins, Firewall checked, High Defender checked) and NOD32 installed. It's not a solely Comodo issue, there is something wrong or totally borked with this update, I've reset SRP, uninstalled and turned everything back to default and same issue with installation error. Comodo is not the only one to blame., it's happening with other setups too.

There is also a major issue with the latest Intel graphics driver, for 11th to 14th Intel CPU's. Won't install. Same process as Win update, every set to default or uninstalled and same error. Refuses to install. Something is up, a lot and I mean a lot of BSOD's lately too

 

[Andy Ful]

There is a major issue with the KB5067036 update,

This update is probably buggy (like many Windows Updates). Still, in my VirtualBox tests, it consistently updates successfully without CIS, and also with installed CIS (Internet Security or Proactive setups), except when the AV module is disabled. Disabling or enabling HIPS, Auto-containment, Firewall, or ViruscScope does not affect the update. This is previously unknown and interesting behavior. It is unclear how this can impact different machines and if it can also affect other updates.

The issue can be related to the known fact that after disabling AV in CIS, Windows automatically enables Microsoft Defender.
In other AVs, disabling real-time protection does not enable Microsoft Defender.

Post shortened.

 

[Zero Knowledge]

Yeah just thought I'd post my experience, it's a buggy WU and not isolated to Comodo. I've tried everything to install it, no cigar

 

[Andy Ful]

Yeah just thought I'd post my experience, it's a buggy WU and not isolated to Comodo. I've tried everything to install it, no cigar

Ignore it (all preview updates can be ignored).
It is not required and will be included in the next cumulative update.

 

[rashmi]

I disabled Microsoft Defender and used your config (did not disable Windows Firewall) with partial success:

View attachment 292882

The update was successful. However, Defender Control could not activate Microsoft Defender.

Disabled Defender and restarted the system


Enabled Defender and restarted the system


Defender started after the system restart

 

[Andy Ful]

Yes. I could not get the last point because the system in VirtualBox did not restart, so I gave up.
I assume that on your computer, DefenderControl works well.
In my real system, Microsoft Defender was somewhat corrupted after using DefenderControl. I used it several times while testing my POCs. It worked well until it did not. Microsoft Defender did not start for several minutes after reboot (up to 15 minutes). I could not restore the normal functioning.
Anyway, in your case, it is not important because you intentionally do not want to use Microsoft Defender.

Edit.
The risk of using DefenderControl is well explained by the developer:

Microsoft does not want Defender to be turned off completely. Therefore, when defender is turned off, windows update or windows component is trying to repair Defender and as a result Defender may become corrupt. Of course a malicious program may also corrupt Defender completely. (If there is no different security software in windows, when Defender is turned off)
Microsoft is constantly taking new measures because it does not want Defender to be turned off. There is a possibility that Windows Defender may be corrupted among these measures. Therefore We will no longer update this program
Sordum.org Team

 

[Andy Ful]

Back to the topic.
There is an important question for users who applied the config: Windows Defender + Comodo Firewall. Some people prefer it over CIS for good reasons.
Are the issues with Windows Updates serious problems or not?
The update KB5067036 is probably unimportant. What about other (past) updates on Windows 11?

 

[cruelsister]

Never an issue for Me and Mine after many years of use.

 

[caleche]

No update issues so far with this config.

 

[rashmi]

In my real system, Microsoft Defender was somewhat corrupted after using DefenderControl. I used it several times while testing my POCs. It worked well until it did not. Microsoft Defender did not start for several minutes after reboot (up to 15 minutes). I could not restore the normal functioning.

Here, after a reboot, Defender shows up quickly with a yellow shield. I just need to activate Defender's protection; it might be because I turn off Defender's settings manually before using Defender Control.

 

[Andy Ful]

@cruelsister and @caleche,

What Windows version do you use currently?