Microsoft patch hoses computers running ZoneAlarm
From vnunet.com 10.07.08:
Hundreds of thousands of ZoneAlarm firewall users have been locked out of the internet by Microsoft's latest round of software updates.
Microsoft released four 'important' fixes as part of its regular Patch Tuesday update, one of which left ZoneAlarm users without web access.
The MS08-037 fix is designed to plug a vulnerability in Windows' implementations of the Domain Name System protocol, but has been responsible for "compatibility issues " with ZoneAlarm.
I was afflicted with just this problem yesterday morning when I booted up my XP machine. The previous day I’d been playing around with a couple of new programs as well as installing the 4 patches Microsoft pushed out for July so immediately thought that one of them was responsible. Having established my internet connection was just fine on another computer, I ran a system restore which rolled my machine’s operating system and program files back to a previous state. Thankfully, this finally allowed me to connect to the internet. It was only later in the day that I became aware of the ZoneAlarm problem and that this was the cause of my earlier troubles.
While Zone Labs have now released an updated version of their firewall and internet security suite, they offered three workarounds in the meantime:
1. Uninstall the MS patch – what I effectively did
2. Change the internet security zone setting down from ‘high’ to ‘medium’.
3. Adding the relevant ISP's DNS servers to ZoneAlarm's trusted zone.
For what it’s worth, this problem only hit me since I left Automatic Updates fully on since I last did a clean install of Windows. Previously, I had been in the habit of leaving the setting on ‘Notify me but don't automatically download or install’ after the 2006 debacle when Microsoft started pushing out WGA (Windows Genuine Advantage) via Automatic Updates. As Brian Livingston commented in his article, Dump Windows Update - use alternatives, “the code, which qualifies as spyware under any objective definition, was programmed to contact Microsoft's servers every 24 hours.”
That didn’t sit well with me at all. In case the Redmond giant tried to pull a similar stunt, I adopted a ‘wait and see’ policy for a few days or so after patches were released to observe how they were faring on the machines of the millions of users who jumped straight in and got the updates immediately. That way, if anyone’s system was going to be hosed, it shouldn’t have been mine. Suffice I say after this experience, I’ll be returning to my previous ‘patch practice’ and holding off for a while before installing the monthly batch of patches.
And if you’re wondering, yes, I’m going to be sticking with ZoneAlarm. For one, this fiasco wasn’t actually their fault and now the dust has settled, I don’t think apportioning blame is the best thing for anyone here. Software conflictions remain a fact of life and as long as there are remedies ASAP, it’s something we all just need to live with. While ZoneAlarm isn’t perfect, I’m not convinced there are more effective products that come with fewer overall grievances to choose from right now.