Orcmid's Lair
Orcmid's Lair
 status 
privacy 
 
about 
contact 

Welcome to Orcmid's Lair, the playground for family connections, pastimes, and scholarly vocation -- the collected professional and recreational work of Dennis E. Hamilton

Archives

Click for Atom feed
Atom Feed

Associated Blogs
 
Edge City
 
Numbering Peano
 
Orcmid's Live Hideout
 
Praxis101
 
Prof. von Clueless in the Blunder Dome

This page is powered by Blogger. Isn't yours?

Locations of visitors to this page

Recent Items
 
Interoperability: What's the Self-Interest?
 
Interoperability: No Code Need Apply?
 
Another Lively Place for Orcmid
 
Interoperability: The Experience of It
 
Interoperability by Regulation: The Glass Half Ful...
 
Transparency Causes Performance?
 
Dreaming in Code: Going Native by the Bay?
 
Microsoft, Interoperability, and Open Source
 
Reality Is the Model
 
Trust but Demonstrate

2008-07-13

Help ZoneAlarm Users Get Back on the Internet

Although this should have blown over by now, you might have some family, friends, and colleagues who were unable to access the Internet after last week's security updates from Microsoft.

Apparently the problem is limited to ZoneAlarm users.  They can't see this post and the available remedies because they can't get to the Internet unless they figure out to

  • remove ZoneAlarm or at least reduce its protection level from "High" to "Medium" long enough to install an update from the ZoneAlarm site
       
  • remove the Microsoft updates with the DNS vulnerability fix (although not really necessary, and removal can introduce new problems)

The basic situation is covered in the Microsoft Security Bulletin under the FAQ section and this Known Issues article.  The ZoneAlarm workaround and updates can be found in this announcementUpdate: Joel Hruska has a great 2008-07-14 summary of the roll-out of the DNS vulnerability fix on Ars Technica.  There is no indication of the disconnect with ZoneAlarm's producer, Check Point Software.

Also, if you or others are using ZoneAlarm on Windows and haven't run Microsoft Update in a while, be sure to update ZoneAlarm first.  Then use Microsoft Update to obtain the DNS vulnerability fix and other recent security updates.

No longer using ZoneAlarm myself, I did not learn about this issue until it was raised by someone looking for information on an Interoperability Forum.  This is an interesting interoperability case.  The ZoneAlarm package is listed by US-CERT as not being vulnerable to the DNS vulnerability, but there was apparently a secondary dependency on the correction made to Windows itself.  How to protect against disconnects of this kind is partly an interoperability issue, it seems to me.  I wonder whether this is an example of the hazard discussed in Interoperability: No Code Need Apply?

posted by orcmid at 7/13/2008 10:11:00 AM
 
Comments: Post a Comment
 
Construction Zone (Hard Hat Area) You are navigating Orcmid's Lair.

template created 2002-10-28-07:25 -0800 (pst) by orcmid
$$Author: Orcmid $
$$Date: 08-10-07 13:22 $
$$Revision: 1 $