winchester73
join:2003-08-08
Chapel Hill, NC
| MS update KB951748 and ZoneAlarm --- PROBLEM For those of you using ZoneAlarm who installed the windows updates today, you probably already know that your internet connection has died. It appears that KB951748 made changes to the networking files that ZA doesn't see/recognize.
After two hours of messing around, I found an inelegant solution that will work temporarily ... set the Internet Zone Security permission slider from high to medium. The connection will be restored.
I discovered this after I finally figured out ZA was blocking my internet connections, and turned it off. Once everything worked again as normal, I started playing around and hit on this lowered permission setting.
I imagine the ZA forum will be full of better solutions, but thought this would get you back up and running in the short term. | |
|
 
FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA
 ·Verizon FIOS
1 edit | Re: MS update KB951748 and ZoneAlarm --- PROBLEM Thanks for the heads up winchester73. This is very troubling as I run ZAF on all three of my rigs. Can anyone else confirm this experience and, if so, have you discovered any other workarounds?
--
Courage is being scared to death but saddling up anyway.
Edit: It was suggested that I edit my post so that people just getting to this thread do not have to wade through 17 pages looking for the fix.
New versions of all Zone Alarm products, which fix the problem of lost Internet access, are available for download at »download.zonealarm.com/bin/free/···sue.html so upgrade to these before installing hotfix KB951748. If you have already installed the hotfix, proceed as follows:
1) Uninstall hotfix KB951748 via Start>Settings>Control Panel>Add/Remove Programs (be sure to choose the setting to show Windows Updates).
2) Restart your PC. You should now have Internet access restored.
3) Download and install the new version of your ZA product at the above link.
3) Visit Windows Update and run the scan there, which will show that you still need KB951748. Download and install it.
HTH | |
|
 | 
FingersFlying
@bellsouth.net | Re: MS update KB951748 and ZoneAlarm --- PROBLEM Yes, I too discovered the same problem and solution with KB951748 and Zone Alarm.
Warren | |
|
|
updatetrouble
@yorku.ca | hi same problem. Lowering the zone alarm security setting allows access | |
|
|
DG HOTFIX Funny
@cox.net
| YES, I can confirm the problem with the Security update. It has affected 3 of my machines so far. 2 Win2k and 1 XP pro machine. I have confirmed the conflict with ZA and changed the settings as described above, but I prefer to remove the Hotfix/Security update KB951748. Both fixes work though. Not sure which is the more secure. | |
|
|
Welsh Chris
@in-addr.arpa
| said by FiOS Dan  :Thanks for the heads up winchester73. This is very troubling as I run ZAF on all three of my rigs. Can anyone else confirm this experience and, if so, have you discovered any other workarounds? It's happened to me, today my computer has twice installed this update and broken my internet connection both times. I'll go and look for a zone alarm update now. If ZA hasn't been updated to correct this yet, I guess it soon will be, then I can let Windows update install KB951748.
Chris | |
|
| |
FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA
·Verizon FIOS
| Re: MS update KB951748 and ZoneAlarm --- PROBLEM said by Welsh Chris :
I'll go and look for a zone alarm update now. If ZA hasn't been updated to correct this yet, I guess it soon will be, then I can let Windows update install KB951748.
Chris
I have a tab open at the ZA Forum and I will monitor it all day for the update notification in the promised "General Announcements" section. Stay tuned.
--
Courage is being scared to death but saddling up anyway.
| |
|
| | |
Welsh Chris
@in-addr.arpa
| Re: MS update KB951748 and ZoneAlarm --- PROBLEM said by FiOS Dan :said by Welsh Chris :
I'll go and look for a zone alarm update now. If ZA hasn't been updated to correct this yet, I guess it soon will be, then I can let Windows update install KB951748.
Chris
I have a tab open at the ZA Forum and I will monitor it all day for the update notification in the promised "General Announcements" section. Stay tuned. Having read more posts on this I guess I'll be safe enough behind my router's firewall if I set ZA to medium. "Shields Up" has always shown my network as invisible to probes. | |
|
| | | |
FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA
·Verizon FIOS
| Re: MS update KB951748 and ZoneAlarm --- PROBLEM said by Welsh Chris :
"Shields Up" has always shown my network as invisible to probes.
That may change with ZA set to medium. Give it a try and see if you are still invisible.
--
Courage is being scared to death but saddling up anyway.
| |
|
| | | | | TheWiseGuy
Dog And Butterfly
Premium,MVM
join:2002-07-04
Yonkers, NY | Re: MS update KB951748 and ZoneAlarm --- PROBLEM Unless someone is forwarding ports(etc), the router will still block unsolicited inbound packets. | |
|
| | | | | winchester73
join:2003-08-08
Chapel Hill, NC
| said by FiOS Dan :said by Welsh Chris :
"Shields Up" has always shown my network as invisible to probes.
That may change with ZA set to medium. Give it a try and see if you are still invisible. Just ran it, still "Stealth" with the slider at Medium. | |
|
| | | | | |
FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA
·Verizon FIOS
1 edit | Re: MS update KB951748 and ZoneAlarm --- PROBLEM said by winchester73 :Just ran it, still "Stealth" with the slider at Medium. Interesting and good to know. Thanks.
Edit: By the way, are you behind a router?
--
Courage is being scared to death but saddling up anyway.
| |
|
| | | | |
Welsh Chris
@opaltelecom.net
| said by FiOS Dan :said by Welsh Chris :
"Shields Up" has always shown my network as invisible to probes.
That may change with ZA set to medium. Give it a try and see if you are still invisible. The firewall in my router blocks "Shields Up" probes even if no firewall is running on the computer. | |
|
| | | | | |
FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA
·Verizon FIOS
| Re: MS update KB951748 and ZoneAlarm --- PROBLEM said by Welsh Chris :
The firewall in my router blocks "Shields Up" probes even if no firewall is running on the computer.
Thanks. That finally occurred to me hence the additional question in my edited post.
--
Courage is being scared to death but saddling up anyway.
| |
|
| | | |
Rick5555555
@rr.com | Yes...I feel the same way, I uninstalled KB951748 and will keep my current ZA installed until I find out what happens here later with updates, new versions, etc...  | |
|
| | | | | 
Gary A
join:2008-03-02
Odessa, FL | Re: MS update KB951748 and ZoneAlarm --- PROBLEM I was hit with this problem this morning after I applied the 2 MS updates. Glad I found this thread. I've uninstalled both MS updates until they (MS or ZA) come up with a fix. | |
|
| |
| 
whizkid3
Premium,MVM
join:2002-02-21
Queens, NY | Just discovered the same problem (been offline). I suspected it was my recent MS Update. I changed ZAF slider to medium, and am able to get to dslreports. Will apply fixes as described. | |
|
| |
tcse
@comcast.net
| Re: MS update KB951748 and ZoneAlarm --- PROBLEM Does this patch only cause problems for users that have Zonealarm installed or does it also affect users without it on their systems? I don't have ZA installed on my system, I just have a modem and hardware firewall combination. Will I encounter problems when I install the patch? It appears that some users, from what I've read over the 23 pages, have experienced problems with their routers and the loss of internet. | |
|
| | | 
AB
Premium
join:2006-04-04
Leesburg, VA
| Re: MS update KB951748 and ZoneAlarm --- PROBLEM said by tcse :
. . Will I encounter problems when I install the patch? It appears that some users, from what I've read over the 23 pages, have experienced problems with their routers and the loss of internet. Unlikely, but there are few guarantees in life.
Make a system restore point or image your system prior to installing it.
A free imaging program is available here, for anybody that doesn't have one:
»www.macrium.com/ReflectFree.asp | |
|
|
|
| |
| |
sholin
@com.au | Re: MS update KB951748 and ZoneAlarm --- PROBLEM Luna...try it hon...delete and clean re-install | |
|
| | |
it08
@gazeta.pl | Re: MS update KB951748 and ZoneAlarm --- PROBLEM I try very clean install (even with registry manually cleaning - manually removing all filess according ZA technical support even the licence file ) - and ... doesn't work - problem still exist. | |
|
| | |
Tx reader
@swbell.net | I did a clean install.....after uninstalling. IT DID NOT WORK, sorry but it didn't. I have Zone Alarm Pro. | |
|
| |
Tx reader
@swbell.net
| I uninstalled ZAP, then reinstalled. It did NOT solve my problem. I had to go from High to Med security to get it to work. I spent over 40 minutes with Microsoft on hold, and then gave up....finally I uninstalled the update, then got on line to find out what the problem was. Needless to say I am not a happy camper right now. | |
|
w8sdz
join:2001-05-21
Port Orange, FL
1 edit | This might help someone who knows how to debug problems associated with today's MS Update. The following files in the \windows\system32 directory of XP Home (SP3) were replaced:
mswsock.dll
dnsapi.dll
vbscript.dll
jscript.dll
The network connectivity problem is most likely caused by the replacement of mswsock.dll. Zone Alarm's Vector service may have to be changed to work correctly with this new dll.
--
73 de w8sdz - sip:271752@fwd.pulver.com | |
|
| |
| | 
Greg_Z
Premium
join:2001-08-08
Springfield, IL
 ·Comcast
| Re: MS update KB951748 and ZoneAlarm --- PROBLEM Then, it is not a Microsoft fault, but Checkpoint for not making sure that their product was compatible with the latest updates & Service packs. What gets me, is that Software Manufacturers have the opportunity to work hand in hand with MS, but refuse to do so, because it will cost them money. | |
|
| | |
DiverGuy2
@logicalsolutns.com
| Re: MS update KB951748 and ZoneAlarm --- PROBLEM said by Greg_Z :Then, it is not a Microsoft fault, but Checkpoint for not making sure that their product was compatible with the latest updates & Service packs. What gets me, is that Software Manufacturers have the opportunity to work hand in hand with MS, but refuse to do so, because it will cost them money. Ok, that's one of the most absurd comments I've seen in quite a while.
This affects multiple versions of Zone Alarm. All of the Zone Alarm versions were published BEFORE MicroSquish published their FIX.
How can you possibly blame software vendors for 'not working hand in hand with MS', when their software was functioning perfectly UNTIL MS issued their update.
The problem IS with Microsoft. You have obviously been assimilated. | |
|
| | | | davee1
join:2003-05-27
Antioch, CA | Re: MS update KB951748 and ZoneAlarm --- PROBLEM Thats right!!! Microsoft needs to get off their queenie high horse and work with vendors, communicate, put out patches that dont screw up other things, and share the wealth so to speak. | |
|
| | 
altermatt
Premium
join:2004-01-22
White Plains, NY
 ·Verizon Online DSL
| said by La Luna :To solve this, just reset the ZA database and the ZA will be "fresh" as when it was first installed Does this really work? If so, it is a HECK of a lot easier to just nuke the databases than to reinstall the whole program, and a HECK of a lot safer than setting the internet zone to medium.
Is Online Armor affected? I've been meaning to switch for a while, since my ZAPro updates expired, and this might be the motivation.
--
The truth of a thing is the feel of it, not the think of it. -- Stanley Kubrick | |
|
| | 
Cudni
La Merma - Vigilado
Premium,MVM
join:2003-12-20
Someshire
1 edit | said by La Luna :This is the vague explanation: If the windows update changed the usual needed files for networking/internet, then the ZA will not see the changes and continue to use the previously known files and ignore the newer files. Even though the file names and locations are still the same from before, now the file size and checksums no longer match. Vague indeed. Surely ZA would then prompt on the new files if changed. This issue might go deeper into how ZA is working
edit: an added rule might help
»www.castlecops.com/article-6916-···0-0.html
"..
According to the German site Heise Security the problem lies in the personal firewall expecting dns queries only from one udp port. The windows update randomizes the source port for udp queries. Heise Security suggests an allow rule for the firewall, which allows udp-packets from any port to port 53 of the dns server and the respective answers.
.."
Cudni
--
"Mercifully, he hit him with the soft end of the pistol."
Help yourself so God can help you.
Microsoft MVP, 2006 - 2008 | |
|
w8sdz
join:2001-05-21
Port Orange, FL
| The Microsoft Update also replaced the following driver files on XP Home (SP3):
\windows\system32\drivers\afd.sys
\windows\system32\drivers\tcpip.sys
\windows\system32\drivers\tcpip6.sys
--
73 de w8sdz - sip:271752@fwd.pulver.com | |
|
|
|
FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA | Re: MS update KB951748 and ZoneAlarm --- PROBLEM There was a post on the ZA Forum indicating that ZASS is affected as well.
--
Courage is being scared to death but saddling up anyway.
| |
|
jadinolf
I love you Fred
Premium
join:2005-07-09
Ojai, CA | Add me to the group of folks who are affected. 
--
This post printed on 100% recycled bytes | |
|
|
|
See 14 replies to this post |
|
buckw1
Premium
join:2001-08-15
Waller, TX | Commodo had to be told to allow the files also....so if someone has it set to silent, beware. | |
|
|
|
FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA
·Verizon FIOS
| Re: MS update KB951748 and ZoneAlarm --- PROBLEM From that post--"Okay, the best advice is do a clean uninstall of the ZA and re-install the ZA." To which I say "Faggedaboutit."
--
Courage is being scared to death but saddling up anyway.
| |
|
hurfy
Premium
join:2002-08-06
Spokane, WA
| huge multi-vendor patch day for DNS vulnerability perhaps. Every OS and vendor seems to be listed.
»securosis.com/2008/07/08/dan-kam···eleased/
Even if the instructions for a clean install work i am not repeating it and reenter the license code for 20 computers
Seems like the cure is worse than the disease ? Lowering the security setting as alternate fix doesn't sound like more secure to me ...
Sounds like something ZA should have been aware of tho :/
Think i'll pass on this one for a bit also. No screaming from the user with auto-update on yet...it installs updates when you shutdown doesn't it? | |
|
Pentangle
With our thoughts we make the world.
Premium
join:2006-06-01
Vancouver BC
·Shaw
| I'm running Zone Alarm Free V6.5.737.000, downloaded MS update KB951748 and lost my Internet connection. Worse had to disconnect my Linksys router 'cause even after uninstalling KB951748 the router still won't allow me to connect. Now I'm without router. When oh when will I ever learn to hold off on MS updates until the dust settles in a few days. Any suggestions on how to restore the router?
--
Life is like stepping onto a boat which is about to sail out to sea and sink. - Shunryu Suzuki-roshi
| |
|
|
See 14 replies to this post |
|
John McD
@verizon.net
| Yes. Setting ZA internet security to "medium" works. So does uninstalling KB951748 and leaving the ZA internet setting on "high". But either method creates some vulnerability. Which way is less risky? I really don't know. Another workaround might be to initialize the ZA "database" and let the ZA firewall reconfigure itself from scratch. See La Luna's post for a link to the instructions. Or simply uninstall/reinstall ZA - but this is a real pain. | |
|
|
See 16 replies to this post |
|
feldrew
@comcast.net
| same thing just happened to me, and I'm a relative neophyte, but after 30 minutes of unplugging router, checking our other pc (that still had net access), I figured it out. I can't imagine how many people - and it WILL be thousands - will end up with this problem and not know that it's an update/ZA conflict issue.
For now, I'll keep ZA running and do without the update, which I uninstalled - it's a relief just to know that other people are contending with this and trying to address the problem. I'd hate to ditch ZA for the Windows Firewall. | |
|
winchester73
join:2003-08-08
Chapel Hill, NC
| Reply from a ZA Administrator at their forum:
"We are investigating the issue with the MS update KB951748.
For the time being we suggest you uninstall KB951748 until the issue has been resolved.
We will post when we have more information"
»forums.zonelabs.com/zonelabs/boa···id=52785
Eeks, what to do? Based on that DNS article posted earlier, I think I will leave ZA at Medium and hide behind my router until the dust settles. | |
|
|
FiOS Dan
Premium
join:2001-07-06
Redondo Beach, CA
·Verizon FIOS
| Re: MS update KB951748 and ZoneAlarm --- PROBLEM said by winchester73 :Eeks, what to do? Based on that DNS article posted earlier, I think I will leave ZA at Medium and hide behind my router until the dust settles. Not sure how many websites you frequent winchester73 but I just might hardwire the IPs of all of my Favorites into the Hosts file and bypass the DNS system for a while.
--
Courage is being scared to death but saddling up anyway.
| |
|
| | 
hortnut
Its been a hard road.
join:2005-09-25
All Over | Re: MS update KB951748 and ZoneAlarm --- PROBLEM I was able to ping my wireless router, cable modem, various websites from a command window.
I was unable to enter IP addresses direct into the address window of IE or Firefox. | |
|
| | | 
Rogue Wolf
Is Kind Of A Big Deal In Yemen
join:2003-08-12
Troy, NY
·RoadRunner Cable
| Re: MS update KB951748 and ZoneAlarm --- PROBLEM said by hortnut :I was able to ping my wireless router, cable modem, various websites from a command window. I was unable to enter IP addresses direct into the address window of IE or Firefox. Ditto here. I reverted to a Restore Point from the day before and everything was back to normal.
I'll look into resetting the database for ZA once I get home, but sheesh... I hate when this sort of thing happens. I was cursing out Microsoft all night. 
--
Four gods wait on a windowsill,
Where once eight gods did war and will.
And if the gods themselves may die,
What does that say for you and I? | |
|
gugarci
Premium
join:2004-02-25
Bergen Co
·Comcast
| Wow!!!!!
Came very close to installing this update. I did a system restore point and almost hit the install button. But decided to check here first. Glad I did as I use an old version of ZA 6.5.737. Now I don't know what to do since I have no plans to update ZA since I used it in conjunction with Linksys router. | |
|
swhx7
Premium
join:2006-07-23
Elbonia
·RoadRunner Cable
| The Microsoft naming scheme is overly complex and rather confusing. Here's what I have found out in a few minutes of clicking around.
* MS08-037 is the Microsoft patch for the DNS problem discovered by Dan Kaminsky and patched by a bunch of vendors today.
* Kb article 951748 at support.microsoft.com/kb/951748 is a kind of umbrella summary of MS08-037.
* In the bulletin "for IT professionals" about Ms08-037, and also in the "home user" version of the bulletin, and again in the monthly summary for IT folks, ms08-037 is identified as 953230 and '951748' is not used.
The DNS vulnerability is serious and one cannot "hide behind a router" as one poster mentioned; in web use or other internet activity you're probably making DNS requests all the time.
Therefore I would suggest keeping the patch and using a different local firewall for application control, or adjusting ZA to "medium" - then it's fine to rely on the firewall in the router. | |
|
MSstinks
@rr.com | I have XP Home and I uninstalled KB951748, rebooted and all is well. | |
|
viperpa33s
Why Me?
Premium
join:2002-12-20
Bradenton, FL | I was also hit by the update crippling ZA. I actually didn't know the update was the cause till I seen this posting. Hopefully this gets fixed quick. | |
|
Kiwi
Premium
join:2003-05-26
USA | I could and would, but I won't  | |
|
|
|
|
·
