Comodo Internet Security Removed From MajorGeeks Downloads
Posted by: Timothy Weaver on 02/22/2016 10:26 AM [ Comments ]
Major Geeks removed Comodo Internet Security from their download page. Google's Project Zero researcher Tavis explains the reason.
When users install Comodo, the default configuration loads a tech support application called GeekBuddy that installs a VNC server – using an insecure default password.
“This is an obvious and ridiculous local privilege escalation, which apparently Comodo believe they have resolved by generating a password instead of leaving it blank,” wrote Ormandy. “That is not the case, as the password is simply the first 8 characters of SHA1(Disk.Caption+Disk.Signature+Disk.SerialNumber+Disk.TotalTracks). I imagine Comodo thought nobody would bother checking how they generated the password, because this clearly doesn't prevent the attack they claim it solved.”
That's bad enough, but Comodo also loads the installation of the Chromodo browser and replaced Chrome settings and cookies with Chromodo links.
Sorry Comodo, not going to be listed with our safe downloads.
Source: SCMagazine
“This is an obvious and ridiculous local privilege escalation, which apparently Comodo believe they have resolved by generating a password instead of leaving it blank,” wrote Ormandy. “That is not the case, as the password is simply the first 8 characters of SHA1(Disk.Caption+Disk.Signature+Disk.SerialNumber+Disk.TotalTracks). I imagine Comodo thought nobody would bother checking how they generated the password, because this clearly doesn't prevent the attack they claim it solved.”
That's bad enough, but Comodo also loads the installation of the Chromodo browser and replaced Chrome settings and cookies with Chromodo links.
Sorry Comodo, not going to be listed with our safe downloads.
Source: SCMagazine
Comments