Avast WEBforum
Other => General Topics => Topic started by: rdmaloyjr on July 09, 2008, 04:27:58 AM
-
With today's MS updates you won't be able to access the internet with ZoneAlarm running. I know because both of my computers have ZoneAlarm.
-
May I offer the following suggestion:
http://forum.avast.com/index.php?topic=9671.msg309108#msg309108 (http://forum.avast.com/index.php?topic=9671.msg309108#msg309108) :) :)
-
This just makes me glad once again that I dont play the micro$oft update game........ ;)
-
Castlecops post :
Windows update KB951748 should not be installed. It will break your Internet connection. If you have it already installed, uninstalling it fixes the problem.
I have spent the day troubleshooting over 20 PCs and have found all installations to have the install date of 9 July 2008, which in my part of the world is tomorrow. I think that as of tomorrow it should work. If not then MS broke something again, but we are used to that.
How to fix it? Go to Start> Control Panel> Add/Remove Programs. Make sure to put the tick mark in the "Show updates" box in the upper right-hand corner of the screen. Scroll down to the Windows Updates and look for (KB951748), highlight it and press remove. You will need to immediately do a reboot and when your machine has restarted your Internet connection will function again!
http://www.castlecops.com/a6916-MS_KB951748_breaks_ZoneAlarm.html
Really bad mistake on Microsoft's part ... Incompatibility based on date ???
-
I'd do the opposite. Get rid of crappy ZoneAlarm and install that update...
-
No Crap Alarm, no problems.hihihih.
-
Only machines that complained today all had ZA installed. No one else has complained and I have people using other Firewalls. If using just Windows Firewall everything works just dandy
from the castlecops link...have no problem using comodo pro at present :)
-
I'd do the opposite. Get rid of crappy ZoneAlarm and install that update...
I'll follow RejZor's advices ;)
The problem is on ZA, not into MS updates...
-
May I offer the following suggestion:
http://forum.avast.com/index.php?topic=9671.msg309108#msg309108 (http://forum.avast.com/index.php?topic=9671.msg309108#msg309108) :) :)
PC Tools Firewall Plus has always worked without problem on my machines except for the last version I used, it kept losing my internet connection. I went back to ZA, it was a breath of fresh air!
I've tried a ton of fw's, I like ZA best. However, I decided to go back to PC Tools fw+ till this problem gets fixed. Big disaster!!! Crashes! Freeze ups! I don't know if it's due to this MS security update or my system just doesn't like the latest version (4.0.0.40) of PC Tools Firewall Plus.
-
PC Tools Firewall Plus has always worked without problem on my machines except for the last version I used, it kept losing my internet connection
same here-thats why i switched over to comodo-never had any problems with prior versions of pctools firewall plus until the recent version ???
-
The problem is on ZA, not into MS updates...
According to the German site Heise Security the problem lies in the personal firewall expecting dns queries only from one udp port. The windows update randomizes the source port for udp queries. Heise Security suggests an allow rule for the firewall, which allows udp-packets from any port to port 53 of the dns server and the respective answers.
Tech,
I take it that you claim ZA "randomizes the source port for udp queries". You did say "The problem is on ZA, not into MS updates...", but the article said "The windows update randomizes the source port for udp queries." ZA does need to upgrade their fw to be compatable with the Windows update, then the problem created by the Windows update will be fixed.
-
http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html
for those using za :)
-
The problem is on ZA, not into MS updates...
According to the German site Heise Security the problem lies in the personal firewall expecting dns queries only from one udp port. The windows update randomizes the source port for udp queries. Heise Security suggests an allow rule for the firewall, which allows udp-packets from any port to port 53 of the dns server and the respective answers.
Tech,
I take it that you claim ZA "randomizes the source port for udp queries". You did say "The problem is on ZA, not into MS updates...", but the article said "The windows update randomizes the source port for udp queries." ZA does need to upgrade their fw to be compatable with the Windows update, then the problem created by the Windows update will be fixed.
Ok, now I see. Thanks for the explanation.
-
With today's MS updates you won't be able to access the internet with ZoneAlarm running. I know because both of my computers have ZoneAlarm.
Hello everyone, I have been online trying to find out the problem with the new update, I didn't realize it was Zonealarm ty for the info
I don't know who's fault it is if there is even one, but here the fix on zonealarms website.....thanks again
http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html
-
Hi, FYI this update also affects Kerio 2.1.5 :(
-
Hi, FYI this update also affects Kerio 2.1.5 :(
May I again offer the following suggestion: ( PCTools Firewall Pro )
http://forum.avast.com/index.php?topic=9671.msg309108#msg309108 (http://forum.avast.com/index.php?topic=9671.msg309108#msg309108) :) :)
-
Hi, FYI this update also affects Kerio 2.1.5 :(
Due to the MS update that I couldn't access the internet with ZA, I replace ZA with Kerio 2.1.5. I've had no problem accessing the 'net with Kerio 2.1.5 & Windows update KB951748.
-
http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html
for those using za :)
Dan,
Thank you for posting this. :) I upgraded to ZA 7.0.483.00. It's running great. :)
I'm leaving Kerio 2.1.5 on one of my computers for a while. I want to try it out, it's old, but popular, low on RAM use & passes both PC Flank & Shields Up. :)
ZA free is still my favorite fw. ;D
-
Have to confess... In Vista, my favorite firewall is the Vista firewall itself.
Never managed to have a decent system (OS + antivirus + firewall) with *any* third party firewall... sooner or later problems. Hope Alwil firewall starts with the right foot ;)
-
***
Hmmm ... I got the Windows update and not having connection problems.
Perhaps it's because I'm using the last know good version of ZA free?
***
-
***
Hmmm ... I got the Windows update and not having connection problems.
Perhaps it's because I'm using the last know good version of ZA free?
***
Maybe you have your "Internet Zone" slider set to medium?
http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html
-
***
It is set on high ... click image below to enlarge.
***
-
Holy cr*p, I completely take back my previous post !! I did some more research on this patch issue, and now I realize the grand situation of this thing ...
Instead of not installing the patch, update or uninstall any software that doesn't cope well with the multiple patches (like ZoneAlarm). Install the patch and update all else.
I completely take back my original comments:
Castlecops post :
Quote
Windows update KB951748 should not be installed. It will break your Internet connection. If you have it already installed, uninstalling it fixes the problem.
I have spent the day troubleshooting over 20 PCs and have found all installations to have the install date of 9 July 2008, which in my part of the world is tomorrow. I think that as of tomorrow it should work. If not then MS broke something again, but we are used to that.
How to fix it? Go to Start> Control Panel> Add/Remove Programs. Make sure to put the tick mark in the "Show updates" box in the upper right-hand corner of the screen. Scroll down to the Windows Updates and look for (KB951748), highlight it and press remove. You will need to immediately do a reboot and when your machine has restarted your Internet connection will function again!
http://www.castlecops.com/a6916-MS_KB951748_breaks_ZoneAlarm.html
Really bad mistake on Microsoft's part ... Incompatibility based on date Huh
For more information on this DNS issue (apparently, this is really major; more details on August Black Hat conference):
http://blogs.zdnet.com/security/?p=1460
http://blogs.zdnet.com/security/?p=1468
http://blogs.zdnet.com/security/?p=1471
http://www.doxpara.com/ --> This is the guy who discovered the issue, Dan Kaminsky, and you can check whether or not you are protected (with the DNS patches)
http://www.matasano.com/log/1093/patch-your-non-djbdns-server-now-dan-was-right-i-was-wrong/
http://blog.trailofbits.com/2008/07/09/dan-kaminsky-disqualified-from-most-overhyped-bug-pwnie/
http://securosis.com/2008/07/09/more-on-the-dns-vulnerability/
http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/
http://www.veracode.com/blog/?p=120
http://www.veracode.com/blog/?p=119
(Heck, check out the entire blog, http://www.veracode.com/blog/ , for entire following to the issue.)
Here is the actual US-CERT (United States Computer Emergency Readiness Team, part of international organization)::
http://www.kb.cert.org/vuls/id/800113