Home » News
Check Point Cause Alarm After DNS FixZoneAlarm borks Windoze users.
Microsoft were out early in fixing the DNS flaw but their ISVs weren't ready. And Check Point's controversial firewall ZoneAlarm certainly wasn't.
2K/XP/ZA Affected
The new Microsoft DNS fix coupled with use of ZoneAlarm crippled Win2K and WinZP machines. And representatives Microsoft insisted they received no calls whatsoever concerning the matter.
Check Point products causing the issue include ZoneAlarm Free, ZoneAlarm Pro, ZoneAlarm AntiVirus, ZoneAlarm Anti-Spyware, and ZoneAlarm Security Suite.
Check Point now have patched English language versions of these products.
Workaround?
As their primary workaround Check Point seriously recommended dismantling the Microsoft patch. The alternative was to reduce security settings.
Patched Files
Files patched with the MS update include 6to4svc.dll, Afd.sys, Dnsapi.dll, Msafd.dll, Mswsock.dll, Tcpip.sys, Tcpip6.sys, W6to4svc.dll, Wdnsapi.dll, and Wmswsock.dll. As ZoneAlarm applies driver level hooks it's understandable Check Point's code broke.
The Microsoft patch applies to 44 different editions of Windows.
See Also Radsoft Reviews: ZoneAlarm Pro 3.0 Microsoft: Security Bulletin MS08-037 - Important Check Point: Workaround to Sudden Loss of Internet Access Check Point: Media Alert - Solution for Loss of Internet Access
|