Back

Critical 0-Day Vulnerability in Comodo Internet Security Exposes Windows Systems

Severity: High (Score: 63.9)

Sources: Gbhackers, Cybersecuritynews

Published: 2026-06-04 · Updated: 2026-06-04

Keywords: comodo, internet, security, vulnerability, crash, windows, zero-day

Severity indicators: zero-day, vulnerability

Summary

A zero-day vulnerability, named ComoDoS, has been discovered in Comodo Internet Security's firewall driver, Inspect.sys, allowing remote attackers to crash Windows systems using a single malformed IPv6 packet. The vulnerability was disclosed by security researcher Marcus Hutchins on June 3, 2026, after multiple attempts to notify the vendor went unanswered. This flaw bypasses all configured firewall rules, making it particularly dangerous. As of June 4, 2026, there has been no response from Comodo regarding a patch or mitigation strategy. The vulnerability affects users of Comodo Internet Security, potentially impacting millions of Windows systems worldwide. The lack of a fix and the ease of exploitation raise significant concerns for cybersecurity professionals. Key Points: • ComoDoS vulnerability allows system crashes via a single malformed IPv6 packet. • Marcus Hutchins disclosed the flaw on June 3, 2026, after failed vendor notifications. • No response or patch from Comodo as of June 4, 2026, poses a critical risk.

Detailed Analysis

**Impact** Windows systems running Comodo Internet Security with the vulnerable Inspect.sys firewall driver are affected. The vulnerability allows remote attackers to crash affected systems, potentially causing denial of service and operational disruption. No specific sectors, geographies, or data at risk are detailed in the articles. **Technical Details** The vulnerability, named ComoDoS, is a zero-day in the kernel-level firewall driver Inspect.sys, exploitable via a single malformed IPv6 packet that bypasses firewall rules. The attack vector is remote, targeting the network stack at the firewall driver level to cause system crashes. No CVE identifier or malware/tools beyond the malformed packet are mentioned. The kill chain stage is initial access and denial of service. **Recommended Response** No vendor patch or mitigation is currently available due to lack of vendor response. Defenders should monitor for unusual IPv6 traffic patterns and malformed packets targeting Comodo Internet Security firewall components. Network-level filtering of suspicious IPv6 packets and isolating affected systems until a patch is released are advised.

Source articles (2)

  • Comodo Internet Security 0-Day Vulnerability Lets Attacker Crash the User’s Windows System — Cybersecuritynews · 2026-06-04
    An unpatched zero-day vulnerability in Comodo Internet Security’s firewall driver, Inspect.sys, after receiving no response from the vendor following multiple disclosure attempts. The vulnerability, d…
  • Comodo Internet Security 0 — Gbhackers · 2026-06-04
    A remotely exploitable zero-day vulnerability in Comodo Internet Security’s kernel-level firewall driver allows attackers to crash Windows systems with a single IPv6 packet, and the vendor has yet to…

Timeline

  • 2026-06-03 — ComoDoS vulnerability disclosed: Marcus Hutchins publicly revealed the zero-day vulnerability in Comodo Internet Security after multiple failed attempts to contact the vendor.
  • 2026-06-04 — Vendor response awaited: As of today, Comodo has not responded to the disclosure or provided any patch for the vulnerability.

Related entities

  • Zero-day Exploit (Attack Type)
  • Comodo Internet Security (Company)
  • Windows (Platform)
  • ComoDoS (Vulnerability)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed