Zone Alarm Users Booted Off the Web

Earlier this week we were reporting that the recently discovered DNS security flaws have been patched in a simultaneous effort by the entire industry. Although the fix resolves those security issues, it may also leave Zone Alarm users without an Internet connection. The following platforms are affected: ZoneAlarm Free, ZoneAlarm Pro, ZoneAlarm AntiVirus, ZoneAlarm Anti-Spyware, and ZoneAlarm Security Suite.

Zone Alarm and Check Point Ltd. have issued advisories on the issue. It would seem that access to the Internet is refused by the software application because it interprets the networking changes caused by the update to be a malicious attack. The normal response in such a situation is to block all Internet traffic to the machine you are using.

According to Check Point and Zone Alarm, there are two ways of regaining access to the Internet: the first would be to uninstall the update that is causing the problem while the second one would require that you set the security level of the firewall to medium, not high. If I may, there would be a third option, namely to uninstall Zone Alarm and install another security software in its place, although I am afraid this will not go well with most ZA users.

This is what ZA representatives had to say in regard to the first method: "We are investigating the issue with the MS update KB951748. For the time being we suggest you uninstall KB951748 until the issue has been resolved".

But by doing so you are still vulnerable to phishing attacks that exploit the DNS vulnerability, so you are better off leaving the patch on your system. Checkpoint has stated that it will come to the aid of ZA users by finding a permanent solution to the problem.

Keep in mind that the DNS vulnerability refers to how you access web pages and that an attacker could redirect you to another page without you even realizing it.

[Source: softpedia]