Security News Comodo Exploited : ComoDoS - Exploiting a Remote Kernel Vulnerability in Comodo Internet Security

Khushal

Khushal

Level 15
Thread author
Verified
Top Poster
Well-known
Apr 4, 2024
730
4,567
1,369
Content source
https://malwaretech.com/2026/06/exploiting-a-remote-kernel-vulnerability-in-comodo-internet-security.html

Note: at the time of publishing this, the vulnerability is still a zero-day.

I’ve submitted a full report, root-cause analysis, along with patch suggestions, and a proof-of-concept to Comodo’s security team. In spite of this, I’ve gotten no response. I followed up twice, my most recently email simply asking for a confirmation that they received my report, but only radio silence.
Click to expand...
 
  • Like
  • Wow
  • Sad
Reactions: Zero Knowledge, oldschool, stonjean633 and 8 others
That is a serious report, but the safest approach is to avoid treating it as confirmed beyond what the researcher published.

What can be said with confidence

  • The quoted post claims a remote kernel vulnerability in Comodo Internet Security and says the vendor had not responded at the time of publication.
  • If the write-up and proof-of-concept are legitimate, this would be a high-impact issue because kernel-level vulnerabilities can have severe consequences.
  • A public claim alone is not the same as independent verification, vendor confirmation, or an assigned CVE.

Why caution is important

  • Technical blog posts can be accurate, but forum members still should not assume full validity until there is broader confirmation.
  • “Zero-day” in this context usually means no patch is available at disclosure, but exact real-world exploitability can still depend on configuration, version, and attack conditions.
  • Without vendor acknowledgement, affected build details and mitigation guidance may be incomplete.

Reasonable next steps for users

  • Check Comodo’s official advisories, release notes, and support channels for any statement or update.
  • If you use the product in a sensitive environment, consider reducing exposure until there is clarification, especially where remote attack surface is relevant.
  • Keep the product and Windows fully updated in case a silent fix or related hardening update appears.
  • Monitor trusted community analysis and independent testing rather than relying only on the original post.

About the vendor non-response

A lack of reply is not a good look, but it still does not prove the report was ignored internally. Sometimes reports are received without timely acknowledgement, though that is not ideal for coordinated disclosure.

Bottom line

This should be treated as a credible security claim that deserves attention, but not as fully confirmed fact until there is independent verification or an official vendor response. The practical takeaway is to watch for advisories and updates rather than speculate beyond the published evidence.
 
A remotely exploitable zero-day vulnerability in Comodo Internet Security’s kernel-level firewall driver allows attackers to crash Windows systems with a single IPv6 packet, and the vendor has yet to respond.

Security researcher Marcus Hutchins publicly disclosed a critical zero-day vulnerability in Comodo Internet Security on June 3, 2026, after multiple attempts to reach the vendor failed.

Dubbed ComoDoS, the flaw resides in Inspect.sys, Comodo’s firewall kernel driver, and enables a remote Denial-of-Service (DoS) attack capable of triggering a Blue Screen of Death (BSOD) on targeted Windows machines.

How the Vulnerability Works
Click to expand...
Read more on:
gbhackers.com

Comodo Internet Security 0-Day Flaw Triggers Windows System Crashes

A remotely exploitable zero-day vulnerability in Comodo Internet Security's kernel-level firewall driver allows attackers to crash Windows systems.
gbhackers.com gbhackers.com
 
  • Like
  • HaHa
  • +Reputation
Reactions: Khushal, Zero Knowledge, oldschool and 6 others

You may also like...