Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
Recently, it was reported by Google Security that there might be a small local vulnerability in Comodo GeekBuddy that allowed a local attacker to gain another locally logged-on user’s privilege. Here is the link from Google’s Project 0. https://code.google.com/p/google-security-research/issues/detail?id=703
The minor potential vulnerability was fixed and addressed back on February 10, prior to it being made public by Google Security.
Unfortunately, in some posts and reports, it has been erroneously stated that an attacker could somehow gain access to a user’s PC through Comodo GeekBuddy and a logged in user.
We spoke with Comodo Senior Vice President of Engineering Egemen Tas on this issue.
“This makes no technical sense. It is not reasonable to expect a remote attacker to connect to your PC with GeekBuddy. First and foremost, GeekBuddy does NOT open any ports and does not accept any incoming connections. Only Comodo technical support, during specific support sessions, can connect and this connection is established through Comodo relay servers, not from a local network or from the internet.”
Mr. Tas continued:
“Second, the vulnerability reported has nothing to do with accessing a VNC server remotely, but using a VNC server to obtain another user’s privilege level — if you have access to the same PC and know the details of the password generation algorithm.”
“Third, the issue cannot be exploited remotely. The attacker has to gain local access to the PC first in order to try and do anything – and the password would need to be predictable only by skilled attackers”
“And lastly, the minor vulnerability has been fixed and addressed back on February 10.”
In summary – all software goes through patch and fixes and this minor issue has already been fixed in GeekBuddy 4.25.380415.167(released on February 10th) and shared with customers.
At Comodo, we always strive to protect our users, and to assist you here are some frequently asked questions on the issue. Customers can feel free to contact GeekBuddy directly at firstname.lastname@example.org or 866-272-9804.
What is the issue?
GeekBuddy uses a modified version of VNC to allow Comodo technicians remote access the PCs during support sessions. In order to use VNC, a local user needs to have a password. In GeekBuddy we automatically generate the password per computer to prevent any local user access to this service.
Which GeekBuddy or CIS versions are affected?
The reported issue does not affect Comodo Internet Security (CIS). It is specifically related to GeekBuddy versions prior to Build 167. We released the hotfix on the 10th of February.
Does GeekBuddy allow remote access by anyone?
No. GeekBuddy is used for remote technical support by Comodo engineers only. It is not technically possible for anyone to connect to your PC. It does NOT open any ports at all. This issue does not allow any remote attacker to obtain any privileges. It requires local access and specific conditions.
Tags: Internet Security
Reading Time: 3 minutes Usually summer means vacation and relaxation. But as we’ve seen in recent history, summer plans can be brutally disrupted when cyber threats strike. Just two years ago, the headquarters of A.P. Møller-Maersk, shipping conglomerate in Copenhagen, was virtually destroyed due to infectious malware called NotPetya. On the eve of a national holiday, employees were preparing…
Reading Time: 2 minutes Internet security is a branch of computer security which comprises various security measures exercised for ensuring the security of transactions done online. In the process, the internet security prevents attacks targeted at browsers, network, operating systems, and other applications. Today, businesses and governments are more concerned about safeguarding from Cyber attacks and malware programs that…
Reading Time: 2 minutes The latest news regarding Wikileaks documents from the CIA has caused quite an industry stir, and also caught Comodo’s attention since we were mentioned in a couple of documents (and Stephen Colbert mentioned Comodo). Gaining notoriety with U.S. Intelligence Community is something in which Comodo takes some pride. While this latest news involved evaluating a…
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
See how your organization scores against cybersecurity threats
Advanced Endpoint Protection, Endpoint Detection and Response Built On Zero Trust Architecture available on our SaaS EPP