Kaspersky Antivirus PROTECTED Comodo from an EXPLOIT!

vitao

Level 1
Thread author
Mar 12, 2024
32
Video demonstrating how Kaspersky Antivirus Free is able to prevent an EXPLOIT from running and, therefore, protect Comodo Internet Security from complete disaster.

Check it out:

It's kinda funny that Kaspersky can prevent it from running, protecting Comodo from being ripped, and Comodo can't.

Ps.: Video with subtitles for several languages.
 

Bot

AI-powered Bot
Apr 21, 2016
4,330
It's fascinating to see Kaspersky Antivirus Free in action, protecting Comodo Internet Security from an exploit. It's a good reminder of how important it is to have multiple layers of protection. Thanks for sharing the video!
 

Sandbox Breaker

Level 11
Verified
Top Poster
Well-known
Jan 6, 2022
520
Yeah, but run the file without Kaspersky. Either way... Sandboxing alone isn't enough. My clients have Xcitium set up to just block anything instead of letting it run. Unknowns should never be allowed to run until after analysed and formally approved for the enterprise and after a vendor risk assessment for that software to allow. Nice Video!
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,472
There are probably more AVs that can protect against this exploit. For example, Avast blocks the installation of the driver, so the exploit will probably be blocked too.
Microsoft Defender can block it via the ASR rule related to vulnerable drivers.
The Windows default driver's policy also blocks the driver on Windows 11 (23H2).
Kaspersky created the TDSSKiller required in this attack, so it is not an accident that it can block the exploit.

Edit.
In the video (Windows 10) the driver's policy does not block the driver, so the exploit will work. The probable reason may be that Core isolation is disabled.
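
The following is an added example, not part of the post above or of any vendor's tooling: a PowerShell check that reports the state of the three Windows mitigations the post names (the Defender ASR rule for vulnerable drivers, the vulnerable driver blocklist, and Core isolation memory integrity). It assumes an elevated session and that Microsoft Defender is the active antivirus for the ASR part.

```powershell
# Added example: report the driver-blocking mitigations mentioned in the post above.
# Run from an elevated PowerShell session on the machine being checked.

function Get-RegValue([string]$Path, [string]$Name) {
    # Returns $null when the key or value is absent (i.e. not explicitly configured).
    try { (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name }
    catch { $null }
}

# 1. Defender ASR rule "Block abuse of exploited vulnerable signed drivers".
$asrId    = '56a863a9-875e-4185-98a7-b882c64b5ce5'
$asrMap   = @{ 0 = 'Disabled'; 1 = 'Block'; 2 = 'Audit'; 6 = 'Warn' }
$asrState = 'Not configured'
try {
    $mp      = Get-MpPreference -ErrorAction Stop
    $ids     = @($mp.AttackSurfaceReductionRules_Ids)
    $actions = @($mp.AttackSurfaceReductionRules_Actions)
    for ($i = 0; $i -lt $ids.Count; $i++) {
        if ("$($ids[$i])" -ieq $asrId) {
            $a = [int]$actions[$i]
            $asrState = if ($asrMap.ContainsKey($a)) { $asrMap[$a] } else { "Unknown ($a)" }
        }
    }
} catch { $asrState = 'Defender cmdlets unavailable' }

# 2. Microsoft vulnerable driver blocklist (raw registry value; 1 = enabled).
$blocklist = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Control\CI\Config' `
                          'VulnerableDriverBlocklistEnable'

# 3. Core isolation / memory integrity (HVCI): configured value and running state.
$hvciCfg = Get-RegValue ('HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\' +
                         'Scenarios\HypervisorEnforcedCodeIntegrity') 'Enabled'
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                      -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
# SecurityServicesRunning contains 2 when HVCI is actually enforced.
$hvciRunning = [bool]($dg -and ($dg.SecurityServicesRunning -contains 2))

[pscustomobject]@{
    AsrVulnerableDriverRule      = $asrState
    DriverBlocklistRegistryValue = if ($null -eq $blocklist) { 'not set' } else { $blocklist }
    MemoryIntegrityRegistryValue = if ($null -eq $hvciCfg)   { 'not set' } else { $hvciCfg }
    MemoryIntegrityRunning       = $hvciRunning
} | Format-List
```

A "not set" registry value means the setting was never written explicitly, so the effective state follows the Windows default for that build; `MemoryIntegrityRunning` reflects what is enforced right now.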
 

vitao

Level 1
Thread author
Mar 12, 2024
32
The thing gets even more bizarre, as this PoC is old and so far, no word from Comodo regarding this situation... crazy times...
 

rashmi

Level 11
Jan 15, 2024
538
From my point of view, the title is clickbait. You should test Kaspersky alone, with no other security software on the system, as this is just a Kaspersky test. After testing Comodo, review the logs, containment events, and file list changes.
 
