Windows DNS bug fix can impair firewalls, including ZoneAlarm

By Scott M. Fulton, III | Published July 9, 2008, 11:50 AM

BetaNews has confirmed through its own testing this morning that a critical patch, released yesterday by Microsoft as part of a worldwide DNS bug fix effort, can and does impact the functionality of software firewalls.

Multiple reports from users since yesterday afternoon have complained of systems incapable of contacting the Internet after having implemented patch KB951748. This patch makes a major change to the way the operating system handles DNS requests. Specifically, it implements source port randomization -- choosing an unpredictable source port for each outgoing DNS request instead of a fixed one -- as a security measure to prevent attackers from crafting false DNS responses that match a pending query, and thus "poisoning" the caches of DNS servers.

It is a very serious fix for what could have been a catastrophic vulnerability, and it's being implemented not just on Windows but on Linux, and within routers and other network equipment as well. It's a major cooperative effort, but one side effect for now, due to an apparent lack of coordination among software vendors, is that some software firewalls may need to be throttled back or turned off altogether while a fix is under way.

In BetaNews tests, we installed the latest commercial edition of ZoneAlarm Pro (version 7.0.470, not a beta) on a Windows XP Professional SP3 virtual machine, which we verified as having full Internet connectivity after the install. We then installed patch KB951748 from Windows Update and rebooted the VM. Afterward, no Internet utility or browser was able to connect to the Internet. The VM was running on a Windows XP SP3 physical host that did not have the patch installed, but did have ZoneAlarm Pro and fully working Internet connectivity. Not even the PING utility would work from the virtual system's command line.

Connectivity between the virtual system and other physical systems in the local network, however, was unimpaired by the patch.

The workaround is a simple one in this case: After changing ZoneAlarm Pro's default Internet Zone security setting from High to Medium, we were able to re-establish connectivity through Web browsers. However, PING in the command line still would not function, timing out on every legitimate request.
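To make the two effects described above concrete, here is a small Python model, added as an illustration and not code from the article, from Microsoft, or from Check Point. The first half shows what the patch buys: the set of values an off-path forger must guess to have a false response accepted grows from the 16-bit transaction ID alone to the transaction ID combined with the source port. The second half shows why a personal firewall can break: a packet filter that admits DNS replies by a fixed, expected source port drops legitimate replies once the port is randomized, whereas a filter that tracks outbound queries does not. The fixed-port rule, the legacy port number, the ephemeral range and the nameserver address are all constructed assumptions for the model; nothing here describes ZoneAlarm's actual internals.

```python
"""Constructed model of what source-port randomization changes for a stub resolver.
Added illustration; not code from the article, from Microsoft, or from Check Point.
Part 1: the guess space an off-path forger must cover per outstanding query.
Part 2: why a filter keyed to a fixed DNS source port drops legitimate replies once
        the port is randomized, while a state-tracking filter keeps working.
The fixed-port rule is a hypothetical model, not a description of ZoneAlarm's code."""
import random

DNS_PORT = 53
LEGACY_FIXED_SPORT = 1025             # assumption: pre-patch resolver used one fixed port
EPHEMERAL_PORTS = range(1024, 65536)  # assumption: randomized ports drawn from this range
NAMESERVER = "192.0.2.53"             # constructed (documentation-range) address


def make_query(rng, randomize_port):
    """Resolver state for one outstanding question."""
    txid = rng.randrange(1 << 16)     # 16-bit transaction ID, random in both modes
    sport = rng.choice(EPHEMERAL_PORTS) if randomize_port else LEGACY_FIXED_SPORT
    return {"txid": txid, "sport": sport, "server": NAMESERVER}


def resolver_accepts(query, reply):
    """A reply is bound to its question by TXID plus the addresses and ports it used."""
    return (reply["txid"] == query["txid"]
            and reply["src"] == query["server"]
            and reply["src_port"] == DNS_PORT
            and reply["dport"] == query["sport"])


def guess_space(randomize_port):
    """Values an off-path forger must cover: TXID alone, or TXID x ephemeral port."""
    return (1 << 16) * (len(EPHEMERAL_PORTS) if randomize_port else 1)


def hit_probability(forged_replies, randomize_port):
    """P(at least one of n uniformly guessed forged replies matches the open query)."""
    space = guess_space(randomize_port)
    return 1 - (1 - 1 / space) ** forged_replies


def fixed_port_filter(outbound_log, reply):
    """Hypothetical static rule: UDP from port 53 admitted only to the legacy source port."""
    return reply["src_port"] == DNS_PORT and reply["dport"] == LEGACY_FIXED_SPORT


def stateful_filter(outbound_log, reply):
    """Conntrack-style rule: admit only replies that mirror a query we saw go out."""
    return any(q["server"] == reply["src"] and q["sport"] == reply["dport"]
               for q in outbound_log)


def legitimate_reply_delivered(query, firewall):
    """Does the genuine reply to `query` reach the resolver through `firewall`?"""
    reply = {"src": query["server"], "src_port": DNS_PORT,
             "dport": query["sport"], "txid": query["txid"]}
    return firewall([query], reply) and resolver_accepts(query, reply)


if __name__ == "__main__":
    rng = random.Random(2008)
    for mode in (False, True):
        q = make_query(rng, randomize_port=mode)
        print(f"randomized port={mode}: guess space={guess_space(mode):,}, "
              f"P(hit | 65536 forgeries)={hit_probability(65536, mode):.2e}, "
              f"fixed-port filter delivers={legitimate_reply_delivered(q, fixed_port_filter)}, "
              f"stateful filter delivers={legitimate_reply_delivered(q, stateful_filter)}")
```

The design point for a firewall author is the second half: a rule that encodes the old resolver's behaviour (a known source port) is exactly the kind of rule that a transport-layer change invalidates, while matching replies against observed outbound state is indifferent to which port the resolver picks.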

BetaNews does not recommend "resetting the ZoneAlarm database" as some sources have suggested.

Reports from ZoneAlarm users on the product's online forum include two from administrators who uninstalled Microsoft's patch, restoring connectivity to their systems, only to find that Automatic Updates automatically reinstalled the patch once connectivity was restored. One user reported the problem to his Cablevision customer service representative, who informed him it was receiving multiple reports from others, and that the problem was apparently "universal."

It isn't as if this problem wasn't anticipated. Yesterday, a statement from ZoneAlarm's parent company, Check Point Software Technologies, advised business customers of its other product lines that those products already provided protection against the DNS problem, effectively advising them not to deploy the patch, at least not right away.

"DNS cache poisoning threats, such as the one published today, strike at the very heart of the Internet in an effort to direct users to malicious sites," stated Check Point's vice president of network security products, Oded Gonda. "Check Point's VPN-1 and Connectra products thwart hackers' attempts to take advantage of this latest DNS cache poisoning technique by randomizing both the source port and request ID without a need to immediately patch multiple workstations in the organization."

The statement did not mention ZoneAlarm except in the company's usual boilerplate text at the end. BetaNews is attempting to contact Check Point for further comment regarding its plans for handling the personal firewall breakdown, although in a development that may or may not be related to this problem, our messages to our usual contacts are all bouncing back.

Update 4:42 pm ET July 9, 2008 - An IT administrator working with one of the nation's largest insurance firms contacted BetaNews this afternoon, urging us to clarify our use of the term "critical" in our header paragraph. Microsoft listed the patch not as "critical" in its vocabulary, but rather "important."

This distinction is apparently very important in the assessment of damages that may result from not implementing the fix.

Comments


Happy to say that the updated version of Zone Alarm Pro (with high firewall setting) seems to work fine with Microsoft's KB951748. Tried about 15 websites, including bank, several secure sites, and other favorites. No problems yet.....

Score: 0

|

Well, I installed the update for Zone Alarm, and now I can't sign in to my Yahoo IM.

When will this nightmare end???

Score: 0

|

Just checked Zone Alarm's web site and found the following:

http://download.zonealar...nternetAccessIssue.html

I'm going to install the updated version of the software (which they say should solve the Internet connection issue) and see if it works with Microsoft's KB951748 installed. I do not care to run the firewall with the Medium setting either. If it doesn't work, I'll uninstall the MS patch, as I've had to do in the past with other updates that screwed up. Fortunately, I don't have Automatic Updates activated, since I want to know exactly what I'm installing. Like most people, I don't trust Microsoft!

Score: 0

|

ZoneAlarm has posted the fix for this issue.
http://download.zonealar...nternetAccessIssue.html

Score: 0

|


Pulling the Internet Zone switch down to Medium bypasses the problem. Surely only recommended temporarily. Cheers.

Score: 0

|

robmanic44

A hardware firewall does not replace a software firewall. You need both, as a hardware firewall blocks ports from your PC while a software firewall blocks applications (Trojans, bots...) as well.

Score: 0

|

That's why I use NOD32 and ThreatFire.

Score: 0

|

ZA appears to be the only software affected. The title is very misleading. So, ONE piece of software and this is an issue worthy of notice? Sounds like more random MS bashing.

Score: 0

|

I'm using BitDefender and I too have noticed a few sites I visit frequently hanging. I'm using Vista on a lappie, but my wife has XP with BitDefender and has had no problems at all.

Score: 0

|

SOLUTION: ZoneAlarm Pro

Go to "Firewall", "Expert" tab, click "Add", give a name to the rule (any name),

Source - Modify »» add location > My computer
Destination > Any // Protocol > Any // Time > Any OK.

Score: 0

|

...and you just turned off your firewall.

Cute.

Score: 0

|

I installed the patch, rebooted, and lost connectivity to the Internet. PING did work correctly, unlike what the article notes above? But through the browser, nothing would come up. I noticed ZoneAlarm had been set to High. The uninstall of the patch requires a reboot as well.
1. Go to Control Panel.
2. Run Add or Remove Programs.
3. Check "Show Updates".
4. Sort by "Date Last Used"; you will see the KB951748 update listed near the bottom.
5. Highlight it and click "Remove". You will be prompted to restart.

Score: 0

|

"This distinction is apparently very important in the assessment of damages that may result from not implementing the fix."

As soon as I read that smartass comment, I knew who wrote the article. Scott... can you stick to the facts and not constantly throw in nonsense? You should go work for Wired. I think BetaNews is a great site, but this kind of stuff is just unnecessary.

Score: 0

|

Are you a moron? Microsoft classifies its bugfixes carefully, and companies actually do base policies around them. A patch that is classified as 'critical' is more likely to get placed into production before Q/A is complete, due to the nature of the fix. It's an important distinction, but one that you're obviously incapable of comprehending.

Score: 0

|

I'm a Zone Alarm user and I'll be glad when the problem is fixed. I found I had to add every single domain, including my ISP, the FTP addresses where I upload domains, etc., to an "OK" list of approved sites in Zone Alarm before I could access them. Once I did that I had no problem, but I wasn't about to do it for every domain I might visit in an evening. For now, I have shut down Zone Alarm and am relying on my router firewall.

Score: 0

|

After I installed the patch and rebooted yesterday, my AVG firewall was turned off, but I turned it back on, and it's been fine ever since.

Score: 0

|

Windows Live Onecare's firewall works fine with this patch..

Score: 0

|

Solution: Disable and uninstall all firewalls. LOL

Score: 0

|

The cost of hardware firewalls has dropped to point that there is no reason to use a software firewall. If you are currently using a hardware firewall, don't run a software firewall. Not only is it redundant, but it can screw up your system.

Score: 0

|

Well, convenience is one reason to run software firewalls. Vista's, for example, dynamically opens and closes the ports applications need when they are run and closed.

All without the user having to do anything. This is nice, unlike hardware routers, most of which require you to permanently open a port if an app needs access.

Score: 0

|

yea right ..

Score: 0

|

Can you suggest a good hardware firewall to use next time I'm trying to get connected through WiFi at a hotel? I need something small and secure that costs about the same as a software firewall.

Thanks.

Score: 0

|

I currently use a NetGear GS108, but there are some new LinkSys systems that are selling as low as $34.00. The instructions are simple and easy to follow.

Score: 0

|

You didn't understand what I was asking. I'm looking for something that does a hardware firewall with the wireless connection typically found in hotel Internet access. I don't need a cheap switch. I hope you don't think that cheap switch is giving you a hardware firewall.

I guess I was being a little sarcastic, but was hoping that someone might know of something. There really isn't a device that fits the bill - that I know of - which is why software firewalls are still necessary for people like me who travel frequently for business and need to be both protected and connected wherever we go.

Score: 0

|

The title of this article is very misleading. The problem is the DNS protocol itself, not some one-off thing Microsoft did. The list of companies with fixes for different operating systems out on the same day for this is very long.

Score: 0

|

I am running two XP Pro machines with Zonealarm. One is set to automatic updates and the other is not. The machine with auto updates stopped working with the Windows patch. The other machine is still working correctly!

Score: 0

|

I just got tired of ZoneAlarm and all the crap coming from it. After many years as a paying customer, I moved to Online Armour for my Windows machines, patched 3 PCs on XP SP3 and had no problem at all. ZA "was" the best.

Score: 0

|

Gee Thanks Foxfyre, that's really comforting!

I trust the Windows built in Firewall about as far as I can throw the entire Microsoft campus!

~Seth
http://www.SethEden.com

Score: 0

|

If it's any consolation, it doesn't bother the built-in XP firewall...

;-)

Score: 0

|

Gee, isn't that a software firewall? ;)

Score: 0

|

I am using Comodo Firewall Pro and encountered the same problem. I spent quite a bit of time last night verifying my connection to the local network and then establishing that I could access the web, but only by inserting an IP address into the address bar. I finally restored the system to its configuration prior to the XP update. I cancelled subsequent download notifications for the same update. I'll wait until there is more information on the problem.

Score: 0

|

That's why my NEXT computer's gonna be a MAC!

(MAC's ALWAYS make perfect snese!)

Score: 0

|

Yeah, sounds like you need one.

Score: 0

|

"by FerdBurfle

edited Jul 9, 2008 - 3:45 PM

That's why my NEXT computer's gonna be a MAC!

(MAC's ALWAYS make perfect snese!)"

And yet even after editing your post, it still makes no "snese".

Score: 0

|

And that's supposed to make you impervious to attacks??? Dude that makes so "snese".

Score: 0

|

ok your point?

Score: 0

|

Smart man. Thanks to the Mac, my computer is now impenetrable to attacks.

Score: 0

|

Thanks to the Mac, my computer is now impenetrable to attacks.

Yeah genius.

Because we all know there's never been malware or viruses on the Mac OS X platform...

Look at the links above. Those are called facts. Now, look at your post...which includes none.

Fanboy much?

Score: 0

|

I had this problem this morning with one of my clients, but I immediately thought of Zone Alarm being part of the problem. I set the Internet Zone from HIGH to MEDIUM and the Internet came back up right away. I was not aware of this particular computer having automatic updates enabled, but now that I'm reading this article it makes perfect snese!

Score: 0

|

The rumor I heard was that Zone Alarm wasn't privy to secret meetings held between MS and other firewall companies.
Therefore they had no warning of this update.

Score: 0

|

THANK GOD for System Restore! My computer downloaded those updates this morning, and hardly anything would work after that. (I also have Zone Alarm... Maybe it's time to dump that and go back to Ad-Aware?) I have turned OFF my automatic updates, as after my first System Restore the update "shield" popped up again, and, not being a computer wizard, I ran the update again, and again nothing worked, so I did a 2nd System Restore. Now all is well again.

Score: 0

|

I'm running McAfee Security Center and noticed that some websites would hang and some wouldn't load at all after the update, but clearing the cache and running a registry scan seemed to help, at least with some sites. I figured it had something to do with the update, as the problem appeared in both Firefox and IE7 with the same sites right after I installed it. At least now I know why and will look to McAfee for a fix.

Score: 0

|

Well, now I know why I had to do a system restore. Still, I see some blaming ZoneAlarm. Maybe Zone is part of the problem BUT since so many people do use Zone how come M$ didn't find out how it reacted before sending the damn patch? I mean, they must have at least ONE TEST COMPUTER with ZoneAlarm installed on it as a test bench?

Score: 0

|

I understand the need, as this has been a glaring problem with DNS for a long time.

I would have thought that Microsoft at least would have issued a statement about this update to warn of potential problems, but then again A LOT of their updates have been known to break things. So, I suppose this shouldn't come as a surprise.

Running Linux here with the FireHOL iptables firewall, and I haven't experienced any issues thus far.

Thanks!!
--
Ando
http://www.andostechcorner.blogspot.com

Score: 0

|

Another 'Wednesday morning quarterback'.

Score: 0

|

well why is it that my computer has not been "broken" after an update?? because i know what i'm doing and what i'm installing YOU ****!

Score: 0

|

Thanks for this news, I wondered why my system wouldn't connect this morning. Now I know!

Cheers
~SethEden
http://Blog.SethEden.com

Score: 0

|

Windows DNS bug fix can impair firewalls, including ZoneAlarm

Firewalls. (plural)

Including. (as well as...)

...and yet the only firewall mentioned in the entire article is ZoneAlarm.

You imply this affects multiple products in the headline and then focus only on one, neglecting to even bring up any other products that might support the claim in the headline that this apparently affects more than one firewall.

Now, I know better than to assume you are trying to do something as lame as create a sensational headline just to gather hits. That would just be silly. So, what is it? Did you forget about the other ones? Which are they?

Score: 0

|

On the other hand it's been quite boring the last few days so why not give it a try...

The Obama post last week was excellent (if only foxy would realize that some people have other things to do than read multi-page comments...)

Score: 0

|

Okay, some fair questions asked.

No sensationalism here; in fact, I'm actually trying to be fair. The side-effect of implementing this patch impairs the effectiveness of firewalls, plural. That's because it changes the way DNS works. That's not the fault of ZoneAlarm; it's not my intention to say there's any defect in ZoneAlarm. There isn't, as far as I'm concerned. What I'm saying is that the nature of the problem and the nature of the solution can have a detrimental effect on firewalls, and I cite ZoneAlarm as an example.

Had the headline been, "Windows DNS bug can impair ZoneAlarm," then the complaint would have been that we're unfairly picking on ZoneAlarm. And frankly, it would have been a legitimate complaint.

-SF3

Score: 0

|

Then I would suggest using your time to do them instead of spending your time here to whine about it

Score: 0

|

After implementing this patch, one of my two computers running CA (Computer Associates) firewall was fine, the other reported that the firewall was not installed. It took some searching, but there was a fix on the CA website. So it's not only ZoneAlarm that's affected and your headline was just fine!

Score: 0

|

Have you no compassion and mercy..? ;-)

Score: 0

|

How many times have various issues with ZA's firewalls come up after MS updates? A hell of a lot.

Score: 0

|

ZoneAlarm has gone downhill since v3. Some of the top firewalls recommended on the Matousec website do not have these issues.

Score: 0

|

This patch loaded automatically this morning, and I had the problem connecting to the internet through ZA. I did a System Restore and it returned internet connectivity. I certainly wish I had known about this problem before I let the patch install.

Score: 0

|
