Gary A
join:2008-03-02
Odessa, FL
 ·Embarq
 ·Verizon FIOS
| reply to AB
Re: MS update KB951748 and ZoneAlarm --- PROBLEM
said by AB  :No doubt the same attitude taken by those ZA users who quickly installed KB951748.  I never rush to install MS updates. In fact, I have never had Automatic Windows Update turned on(sorry Microsoft). I let the little yellow shield show up in the System Tray and then I go read about the updates before downloading and installing them, one PC at a time, in a controlled manner. This week, when I found that I didn't have internet access after updating my laptop, I stopped and still had a working desktop system. I uninstalled the 2 MS updates and regained internet access, so I immediately knew it was something to do with the update and not my ISP or router.
When the problem hit this week, I read on another forum about a user who woke up that morning to 5 networked PCs at home that didn't have internet access. He wasted hours troubleshooting a non-existant problem with his ISP/router/cable modem.
I've never trusted Microsoft enough to give them carte-blanche access to my PCs. When IE7 was released it broke a part of my HP photo software called HP Director. It was days or weeks before HP released a patch. |
|
AB
Premium
join:2006-04-04
Leesburg, VA
| said by Gary A :I never rush to install MS updates. In fact, I have never had Automatic Windows Update turned on(sorry Microsoft). I let the little yellow shield show up in the System Tray and then I go read about the updates before downloading and installing them, one PC at a time, in a controlled manner. This week, when I found that I didn't have internet access after updating my laptop, I stopped and still had a working desktop system. I uninstalled the 2 MS updates and regained internet access, so I immediately knew it was something to do with the update and not my ISP or router. When the problem hit this week, I read on another forum about a user who woke up that morning to 5 networked PCs at home that didn't have internet access. He wasted hours troubleshooting a non-existant problem with his ISP/router/cable modem. I've never trusted Microsoft enough to give them carte-blanche access to my PCs. When IE7 was released it broke a part of my HP photo software called HP Director. It was days or weeks before HP released a patch. You know, this entire thread is basically one big advertisement for Acronis True Image, or something similar.
I know I sure am glad I use Acronis nowadays. It's saved my butt on more than one occasion.
And with it installed, I can be the first one off the bridge, should I be so inclined.  |
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs:
 ·Optimum Online
 ·Vonage
| reply to jaykaykay
said by jaykaykay :...And, for anyone who cares, no I will not be the guinea pig the next time around! :):) Now now, we all have to take our turn to keep things fair. It's not right if the same people get borked repeatedly. 
--
11,433 DEADLY TERROR ATTACKS SINCE 9/11~~SARAH BRIGHTMAN SYMPHONY WORLD TOUR |
|
Xed
@rr.com
| reply to Pentangle
Tomorrow I'll try to reboot the router (which is now sitting at the bottom of my closet getting dusty). I hope that will do the trick.
Thank you so much for hanging in there with me on this, Pentacle. If this solution doesn't work, do I have your permission to kick and stomp on my Linksys router (and then go out and buy a new one)? Please say yes, especially about the kicking and stomping part. |
|
fredjo
@sbcglobal.net
| reply to winchester73
Alright this is starting to get annoying, i installed the new update for zone alarm a few days ago but during these past days firefox, all of the time does not load a web page succesfully and i noticed video streming is quite slow as well. my other comp on the other hand running comodo is running quite well. i can even see the packet difference i recieve because the comodo comp's packets are in the millions, while the za comp is short around 500,000 I figure ill just install comodo on the za comp instead, but does anyone in the same boat as me have a soulution? i really want to keep ZA on this comp, since it is the main comp i use. |
|
Gary A
join:2008-03-02
Odessa, FL
·Embarq
·Verizon FIOS
| I like ZA, too and will be keeping it. Have you tried over on the ZA forums? There are some knowledgeable and helpful folks on that website. It may help to start a thread.
Here is a link to one of several threads that started this week discussing the MS update problem.
»forum.zonelabs.org/zonelabs/boar···id=18667 |
|
FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA
·Verizon FIOS
| reply to AB
said by AB : You know, this entire thread is basically one big advertisement for Acronis True Image, or something similar. I know I sure am glad I use Acronis nowadays. It's saved my butt on more than one occasion. And with it installed, I can be the first one off the bridge, should I be so inclined. I was just thinking the same thing, AB, namely that with imaging software and System Restore it should not be a leap of courage for any user to try out new software or install updates. That said, old hypocrite Dan here has done nothing except switch my router settings over to OpenDNS. I am still lurking in the high grass on both the ZA and M$ updates.
--
Courage is being scared to death but saddling up anyway.
|
|
Pentangle
With our thoughts we make the world.
Premium
join:2006-06-01
Vancouver BC
·Shaw
1 edit | reply to Xed
said by Xed :
If this solution doesn't work, do I have your permission to kick and stomp on my Linksys router (and then go out and buy a new one)? Please say yes, especially about the kicking and stomping part. Resetting it to factory defaults will probably do the trick--but sometimes you just gotta let the energy out!
BTW, keep in mind that resetting the router will also reset the password to the default. Be sure to change it once you're up and running.
Edit: Added BTW |
|
Libra
Premium
join:2003-08-06
USA | reply to FiOS Dan
Hi Dan,
I've done nothing but read these boards and ZA's boards. I don't like being insecure, but I don't want to lose the internet either!
Sincerely, Libra |
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs:
·Optimum Online
·Vonage
| said by Libra :Hi Dan, I've done nothing but read these boards and ZA's boards. I don't like being insecure, but I don't want to lose the internet either! Sincerely, Libra Well, you've got two choices. Either dump ZA for something else, install the patch, and hope it all works, or update ZA to the newer version and install the patch, which seems to be working for the majority of people.
--
11,437 DEADLY TERROR ATTACKS SINCE 9/11~~SARAH BRIGHTMAN SYMPHONY WORLD TOUR |
|
noway1
join:2004-11-29 | reply to Libra
Maybe if you make sure your ISPs DNS servers have been added to ZAs Trusted Zone... |
|
jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
Scottsdale, AZ
·Speakeasy
| reply to La Luna
Those people don't need our testing for them. They need to have a scissors taken to the Net connection or be put in the closet and loceked away forever.
And as to fair... You knew it was coming! Who said things had to be kept fair!!! |
|
Owlbet
Ignite the Ice
Premium,MVM
join:2002-09-24
Palmer, AK
clubs:
·MTA Online
| reply to winchester73
I have 3 computers that run Zone Alarm Pro. I usually back up my computers a day or two before Crash Tuesday. I also have my computers automatically download and install updates, but I usually beat Microsoft to the punch and perform a manual update. That's just me.
Already aware that there was a problem with KB951748 and fearing the worst for my own machines, I came home last Tuesday to find that only one computer had updated and it was one of my computers with the .470 branch of Version 7 of Zone Alarm Pro. Oh crap! Like the rest of the posters here, that machine had no internet access. I took that machine offline, but left KB951748 installed. On the other two machines, I just temporarily disabled Windows Updates until an update to Zone Alarm was released.
Of those two machines unaffected by KB951748, one had an expired subscription. It's becoming expensive to renew subscriptions every two years and I figured I really didn't need the latest and greatest version of ZAP anymore. But there are features in ZAP that I use that are not found in the free version. But unless I renewed the subscription on that machine, I basically had a useless copy of Zone Alarm Pro.
Needless to say, I forked over the cash for another two year subscription and the process left a very sour taste in my mouth. I just can't shake the feeling that Check Point deliberately neutered ZAP in some way (there have been several releases of ZAP in the past few months) to force the users of expired subscriptions into renewing their licenses.
--
Team Discovery
|
|
newmexter
@Level3.net
| reply to winchester73
Sorry if this has already been addressed: I have installed recommended Zonealarm update (which took about 3 hours to download via dial up), removed the security update, and set the firewall to medium and still no dice. I've also turned ZA off completely, turned on Windows firewall, and tried to access wireless with no luck. Dial up (Netzero) does work fine at this point. Anything else to try short of removing Zonealarm entirely? |
|
jack42779
@faa.gov | reply to winchester73
Re: MS update KB951748 and ZoneAlarm --- PROBLEM -Use Restore
Another work around, instead of reinstalling ZA just do a system restore at a point that the internet was knowen to work.
This has worked for my client. |
|
bcastner
Premium,VIP,MVM
join:2002-09-25
Chevy Chase, MD
clubs:
·Verizon Online DSL
2 edits | reply to FiOS Dan
Re: MS update KB951748 and ZoneAlarm --- PROBLEM
quote:
You know, on the one hand the kind of quick response that the folks at Check Point made yesterday should go a long way towards holding their current customers and perhaps attracting some new ones. But on the other hand, you would think that there could be some sort of "patch preview" service to which developers could subscribe to receive at least 24-hours advance notice of the upcoming changes and issue updates to their programs ahead of time rather than have all hell break loose like it did yesterday.
There is such a program in place, and has been for several years. The time given, I am told reliably, is much greater than 24 hours. While it likely some members of this Forum are members of the SVUP program, they are by Non-Disclosure not permitted to identify themselves, nor discuss any details of the program. The program includes MS-MVPs, large corporation members of special advisory panels, ISV participants, and other formal panel participants that have been put together by Microsoft over the years to act as guinea pigs.
Will all problems be caught? This case shows that they will not be.
This update was likely applied to over a Billon computers. The actual number of problems with it that have been reported are small, and no re-engineering of the Hotfix itself was necessary.
In my opinion: The security problem it addresses is quite real, and the action taken by Microsoft was a responsible one. The potential of the risk addressed in this Hotfix to completely compromise the entire Internet was real, and needed to be addressed immediately and affirmatively.
I feel the pain of anyone who had problems from this update. But do not let it lead you unwisely to turn off Automatic Updates, or not install Service Packs when issued.
The most important thing to discuss when an issue of this sort happens, is how to resolve it. The folks in the trenches involved in the initial efforts to create these Security enhancements never talk when they break something about "who is at fault", they immediately try to work out a solution. This includes immediate, substantial, and significant work between the effected ISV software company and Microsoft.
When a solution is found, as it was in this case by Zone Alarm issuing five new versions of it's software, nobody involved spends any time pointing fingers, or making a rush to judgement about the Future of Hotfixes.
And neither should anyone else.
Bill Castner
--
============
MS-MVP 2004 - -2008, ASAP Member
Users Helping Users
|
|
Libra
Premium
join:2003-08-06
USA
2 edits | reply to La Luna
Hi LaLuna,
Thank you for your advice. I guess I should remove my current 4.5.538.001 and install the latest ZA, then go to Windows Updates.
In my current ZA I don't have any dns or DHCP servers in the trusted zone. I have adapter subnets in the internet zone. Under "advanced" I have allow outgoing dns and dhcp in the internet zone and trusted zone under high security and Block internet Zone Servers.
I have AOL on this computer and they probably have a lot of dns and dhcp servers and I don't know what they are.
2nd Edit: I get these alerts from ZA: Generic Host Process for Win32 Services could not accept a UDP Port xxxx connection from 192.168.1.1 because internet servers are blocked. And the same alert for 205.188.146.145. BUT in spite of this, I can access the internet and AOL.
Do you know if this will work in this latest free version of ZA?
Thank you.
Sincerely, Libra
|
|
FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA
·Verizon FIOS
|  reply to bcastner
Fascinating post Bill. Thanks for sharing just enough info without compromising too much. I can only imagine how difficult it is to create the perfect patch that dirsupts no one's system, especialy given the seemingly endless number of software combinations that are running out there. However, in this case it does seem like something fell through the cracks. The nature of this patch as I understand it, namely changing the ports range, could obviously impact FW settings, and the Check Point ZA products are among the most widely distributed FWs in the world. It therefore seems odd that this internet connection loss was never foretold or experienced by any of the MVPs, panels, guinea pigs, etc. This is not some obscure program from a little-known developer, running on a few thousand rigs worldwide. ZA users must number in the millions. Oh well, nothing directed at you Bill or your well-intentioned and informative post. Just a mini-rant I guess.
--
Courage is being scared to death but saddling up anyway.
|
|
bcastner
Premium,VIP,MVM
join:2002-09-25
Chevy Chase, MD
clubs:
·Verizon Online DSL
| Thank you for the fair reading of my comments. I very much appreciate that fact.
I have no intention of quibbling about market share by third-party firewall products; certainly Check Point ZA are important in the freeware consumer space, and I am guessing that this might be under represented in the testing panels used. It is complicated by the fact that issues only occured, it appears from user responses, in only certain versions of the same. The majority of third-party firewall products in use are dominated completely by the major Antivirus product vendors by their Suites, none of which had issues with this Hotfix. I wish I could say more about the matrix of reported issues, and their resolution, but I do not have access to the data nor could or would supply it here. But in the main, this has been a relatively trouble free Hotfix, one absolutely worthy of doing, and it appears any issues have thankfully now been sorted.
But I do feel firmly that at least a process is in place, albeit shown imperfect in this case, to prevent these sorts of issues from ever happening.
And that the unfortunate experience of some, should not lead them to the conclusion that future Security Hotfixes, Service Packs, or the whole notion of Automatic Updates should seriously be called into question as a result.
I appreciate very much your fair reading of my earlier comments.
My best regards,
Bill Castner
--
============
MS-MVP 2004 - -2008, ASAP Member
Users Helping Users
|
|
Jay0
@shawcable.net
| reply to winchester73
First, great, GREAT information everyone. Your feedback and enlightened input is sincerely appreciated.
I am running the latest version of Zonealarm, under Win2k and I am running an Linksys Etherfast Cable/DSL Router (802.N flavour).
I installed the Zonealarm update, fooled around with this ting ALL DAY. The only solution that worked (as I can write to this forum) was to remove the KB951748 update. Actually, I didn't regain Internet access immediately and could only connect directly; not through the router. I changed wires, played around and finally, THANKFULLY I am re-connected to the beloved Internet.
A few issues made this harder - my ISP went down for a while today and my router is still acting a bit funny. The Internet light is still blinking, but I believe that this should be solid.
In any event, I think the prudent thing to do is uninstall (via add/remove programs) this KB update. Leave your ZA at high (IMHO) that is the lesser of two evils. Hope everyone is back up and running and hopefully a real "fix/update" will be put out by MS or ZA.
Thanks for reading. A good day to all.
-J |
|
