Comodo Internet Security 0-Day Vulnerability Can Crash Windows Systems

A critical zero-day (ComoDoS) in Comodo Internet Security’s kernel driver Inspect.sys allows a remote attacker to crash Windows systems by sending a single crafted IPv6 packet that triggers an integer underflow in the IPv6 extension-header parser; a compact Scapy proof-of-concept is publicly available, additional out-of-bounds read/write primitives were found, and Comodo has not acknowledged the researcher’s reports.