• Welcome to Freedom Reborn Archive.
 

Recent Microsoft Security update

Started by Panther_Gunn, July 10, 2008, 07:45:28 AM

Previous topic - Next topic
Print
|
Go Down Pages1
User actions

Panther_Gunn

July 10, 2008, 07:45:28 AM
I'm putting this here, rather than Tech Issues, so more people will see this, and hopefully not have the problems that we did.

The most recent MS Security update, KB951748 (MS08-037), does not play well with Zone Alarm Firewall.  The machine it affected was running XP SP2, and the most recent version of Zone Alarm (free version).  From what I saw, it seemed to cause everything, incoming and outgoing, to be blocked at the firewall.  Looking at the log, I was instantly suspiscious when I saw that Microsoft pages were being blocked, and the kicker was when I saw that the Zone Labs update check was blocked as well.  I added one IP to the Trusted zone, and I was finally able to get to Google, but not MSN (I didn't test this phase any further).  Since a new update being installed was the last thing I knew happened on the machine (when shutting down Tuesday night), I found & uninstalled the update.  After the reboot, all was well.

For the sake of completeness, the modem had already been power cycled, the machine itself rebooted several times, and the LAN connection "Repaired".  The fact that I was seeing inbound packets being blocked told me that I had connectivity all the way from the PC to the net.

I looked over the MS info for the update, and it doesn't mention (yet) this issue, but haven't checked the ZL page yet (heading there next).  Yet another reason I dislike Automatic Update downloads.  <_<

Edit:  Zone Labs has an Important Notice up in the Technical Support section, with workarounds and updated software that solve the issue.  The workarounds consist of uninstalling (like I did), or putting the Internet Zone slider to Medium (shivers).  At least *somebody* still responds quickly to problems.

Carravaggio

#1
July 10, 2008, 08:48:17 AM
Had the same problem, glad to know it was an overall issue and not something related to my computer specifically.

BlueBard

#2
July 10, 2008, 01:37:46 PM
I knew what to expect from reading advisories, so I knew exactly what I needed to do when ZA freaked out.  Unfortunately, the nature of the problem is such that your access to the Internet... the very thing you need to understand what the problem is... is gone and the average user is not going to understand how to resolve it.

Uninstalling the update is not a good idea, by the way.  It addresses a fundamental problem with DNS implementation.  But I can see where it's inevitable in most cases.

I just adjusted the FW setting to Medium.  I'm behind a router and using private addresses so it's not a catastrophic loss of security.

zuludelta

#3
July 10, 2008, 01:41:55 PM
Alternatively, you can switch to Comodo Personal Firewall. The interface is similar to Zone Alarm's, but it uses far fewer system resources, patches and updates are more regular and up to date, and there's generally more community support around it.

Sevenforce

#4
July 10, 2008, 04:51:17 PM
*nods at Zulu*

Same thing I have, but I also have a backup in case anything disastrous goes wrong in those regards...

My Mac :wub:
Print
|
Go Up Pages1
User actions