A large number of major vendors are issuing patches to repair a newly discovered vulnerability that could allow hackers to redirect traffic across the Internet. [Full Post]
Microsoft on July 8 released an security update KB951748 for DNS flaw in Windows Server 2003, in Windows XP, and in Windows 2000 Server (client side), which is known to cause loss of internet access for ZoneAlarm and other firewall users on Windows XP/2000. Windows Vista users are not affected.
The new security update changed the usual needed files for networking/internet, but ZoneAlarm is not seeing the changes and continue to use the previously known files and ignore the newer files. Even though the file names and locations are still the same from before, now the file size and checksums no longer match.
Here I‘m writting down the workaround /fix for ZoneAlarm Free, ZoneAlarm Pro, ZoneAlarm AntiVirus, ZoneAlarm Anti-Spyware, and ZoneAlarm Security Suite. Note: First fix will work for all other firewall that’re affected.
Option 1: Uninstall the hotfix KB951748
- Click the “Start Menu”
- Click “Control Panel”, or click “Settings” then “Control Panel”
- Click on “Add or Remove Programs”
- On the top of the add/remove programs dialog box, you should see a checkbox that says “show updates”. Select this checkbox
- Scroll down until you see “Security update for Windows (KB951748)”
- Click “Remove” to uninstall the hotfix
- Finally, disable Automatic Update, else, when you next boot, the update will push back to the system.
Option 2: Move Internet Zone slider to Medium
Important: I wouldn’t recommend this untill, you have other working firewall, as it’ll leave your PC open for public view. If you are using Windows XP, it’ advised, that you turn on System Firewall, or if you are a broadband user, you can turn on your Router’s Firewall.
- Navigate to the “ZoneAlarm Firewall” panel
- Click on the “Firewall” tab
- Move the “Internet Zone” slider to medium
Option 3: Reset ZA database
Note: When you reset the ZA database, ZA will be “fresh” as when it was first installed.
- Boot your computer into the Safe Mode
- Navigate to the c:\windows\internet logs folder
- Delete the backup.rdb, iamdb.rdb, *.ldb and the tvDebug files in the folder
- Clean the Recycle Bin
- Reboot into the normal mode
- ZA will be just like new with no previous settings or data
Once you reboot back into the normal mode, ZA will pop with new network found windows, set the new network to Trusted. Then, make sure your DNS and DHCP server IP’s are in your Firewall’s Trusted zone.
Finding DNS and DCHP servers, etc
- Go to Run and type in command and hit ‘ok’, and in the command then type in ipconfig /all then press the enter key. In the returned data list will be a line DNS and DHCP Servers with the IP address(s) listed out to the side. Make sure there is a space between the ipconfig and the /all, and the font is the same (no capitals).
- In ZA on your machine on the Firewall, open the Zones tab, click Add and then select IP Address. Make sure the Zone is set to Trusted. Add the DNS IP(s).
- Click OK and Apply. Then do the same for the DHCP server.
- The localhost (127.0.0.1) must be listed as Trusted.
- The Generic Host Process (svchost.exe) as seen in the Zone Alarm’s Program’s list must have server rights for the Trusted Zone. Plus it must have both Trusted and Internet Access. [Zone Labs]
Option 4: Download and install the latest versions which solve the loss of internet access problem: (Recommended )
- ZoneAlarm Internet Security Suite
- ZoneAlarm Pro
- ZoneAlarm Antivirus
- ZoneAlarm Anti-Spyware
- ZoneAlarm Basic Firewall
Source:→ ZONEALARM SECURITY ADVISORY