ZoneAlarm users have been locked out of the internet by Microsoft's latest update
Microsoft 'fix' cripples ZoneAlarm users
/v3-uk/news/1953838/microsoft-fix-cripples-zonealarm-users
09 Jul 2008, Robert Jaques , V3
Hundreds of thousands of ZoneAlarm firewall users have been locked out of the internet by Microsoft's latest round of software updates.
Microsoft released four 'important' fixes as part of its regular Patch Tuesday update, one of which left ZoneAlarm users with out web access.
The MS08-037 fix is designed to plug a vulnerability in Windows' implementations of the Domain Name System protocol, but has been responsible for "compatibility issues " with ZoneAlarm.
A spokesman for ZoneLabs, the Check Point subsidiary which manufacturers ZoneAlarm, told vnunet.com that the company became aware of the problem late last night when US users began downloading the Microsoft code.
ZoneLabs advises users of ZoneAlarm to remove the Microsoft update as a workaround until it has created a more satisfactory solution to the problem. The company has set up a forum to help keep users informed.
The forum moderator states: "We are investigating the issue with the Microsoft update KB951748. For the time being we suggest you uninstall KB951748 until the issue has been resolved. We will post when we have more information."
Some users of the firm's forums have discovered that downgrading the firewall's security from High to Medium for the internet fixes the problem, but this is not advised by ZoneLabs.
A user by the name of 'PokeyCA' wrote: "By now, everyone who is using ZA, knows that Microsoft's update KB951748 broke ZA.
"The reason that it broke ZA is that Microsoft had to expand the randomness that the DNS client uses when asking for UDP ports to go to DNS servers.
"ZA only looks for these requests in a certain range of UDP ports, but with the new DNS client (note that IE has not changed, but some of the base networking programs (svchost.exe)), ZA sees requests outside of this range and blocks them. Therefore, Internet is broken.
"Unfortunately, Microsoft didn't tell firewall manufacturers (hardware and software) that they were updating this."
© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093
Do you agree?
that seems bassackwards?
Seems to me, it's up to Zone Labs to fix the issue on their end. Uninstalling a security update is serious business? that's like having a pot of water boil dry on a stove and blaming the flame for being too hot, instead of blaming the guy for not adding more water?
just my 2 cents....
Posted by Bruce Eddy, 09 Jul 2008
Zone Alarm
All very well stopping Zone Alarm clients accessing the Internet but how do you know it is a Microsoft fix if you cannot access the Internet to read these messages. I have had a very frustrating day trying all sorts of things before doing a system restore. Should I have done that first?????
Posted by Terence Whitehead, 09 Jul 2008
How are we to know
What a muckup,how are we as novices to know that Microsoft made a bodge of their update when we cant access the internet other than call in a technician at great expense, to be told that the update is not compatable with Zone Alarm firewall . Microsoft get your act together, or is that asking to much from you?
Posted by william sneddon, 09 Jul 2008
M/soft fix!!
I was one of the poor 'idiots' who had to contact my ISP to find out what was going on, but when I contacted ZA they couldn't help and so got no help from them.
Posted by Rosemary Smith, 10 Jul 2008
after fix, I'm missing programs and files
I turned off Z.A. long enough to go to their tech support site, then clicked on a download which automatically started downloading an exe file. I stopped that quickly and tried the another option - deleting the kb951748 update. Upon restarting I found a bunch of icons were missing and whole programs (incuding Zone Alarm) and other files gone.
Posted by JZ, 10 Jul 2008
Another Microsoft greatness and failure
How many times has microsoft come out with updates and then affect the masses with their "oops", its the other guy? This is not acceptable, just like thier windows vista failure.
The simple way is to go in to control panel, programs uninstall, check box at top of window showing "all" and uninstall the little bugger that ends in 1748 and that will allow your protection until the "real" fix comes out and give you back protection.
Bill Gates, Fire the idiot that thought out this one!!!!!!
Posted by Bob, 10 Jul 2008
Collateral damage of legitimate target
Curious that this patch zaqpped one of Micro$oft's main competitors. Pure chance, of course...
Posted by John Rogers, 10 Jul 2008
Easy
You just need to uninstall the update through the usual Settings-Control Panel-Add and Remove Programs. ZA couldn't have fixed the issue in advance as it seems Microsoft didn't tell anyone. I lost 5 hours of busy worktime yesterday trying to figure out what went wrong, I'm starting to loose my patience with Microsoft.
Posted by AA, 10 Jul 2008
Catch 22
The only way I got around it was to download email to my phone, find a Zonelabs email which named the MS updaye and ask a friend to investigate it for me. On erasing the update all was OK.
Posted by Jimbo, 14 Jul 2008
Don't blame Microsoft
How can some people here blame Microsoft for this issue?
They are not responsible for checking thousands of programs that this update might affect before releasing it, that would delay updates leaving people vulnerable for a longer period of time.
This was clearly an error on CheckPoint's side, read into the specifics that caused ZoneAlarm to malfunction before you start babbling about conspiracies with Microsoft taking out it's competitors and such.
Idiots.
Posted by !Sheeple, 16 Jul 2008