I received a number of call from friends, family, and clients complaining that they were unable to access the internet on Wednesday July 9th. The first one had me puzzled. Running through the typical troubleshooting process. and finally disabeling the Zone Alarm Firewall which resolved the access issues. Then the next call came in with the same issue, Then another..etc. The common factor for all these systems were that each system was was running windows XP SP2 and Zone Alarm. So What was it about Zone Alarm that all of a sudden prevented access to the internet?
The Problem
After a bit of poking, proding and searching, I came across the cause to this problem. Microsoft released a few security patches on Tuesday. One of these patches (KB951748) was released to address a DNS flaw that could lead to DNS cache poisoning. Unfortunately, the hotfix conflicts with Zone Alarm and prevents internet access. Systems that were setup to automatically download and install Windows Updates received this patch.
What I can’t believe is that I’ve seen and heard “Professional” support people actually suggest the fix is to uninstall the firewall. Seriously? Are you Kidding? That is not a solution!
Other suggestions were touninstall the hotfix. Although this would work, you might still be open to the DNS flaw and at risk. Another was to turn the firewall settings to Medium protection. Not as bad as removing the firewall, but still not really an option.
So how does one overcome this annoying issue?
Zone Labs recommended solution is to download and install a new version of Zone Alarm released to resolve this little issue.
Other less desirable and temporary options are:
Uninstall The offending Microsoft HotFix
- Click the “Start Menu”
- Click “Control Panel”, or click “Settings” then “Control Panel”
- Click on “Add or Remove Programs”
- On the top of the add/remove programs dialog box, you should see a checkbox that says “show updates”. Select this checkbox
- Scroll down until you see “Security update for Windows (KB951748)”
- Click “Remove” to uninstall the hotfix
Set Zone Alarms protection to Medium
- Navigate to the “ZoneAlarm Firewall” panel
- Click on the “Firewall” tab
- Move the “Internet Zone” slider to medium
thanks this helped
Thanks! Nice to know I was able to help someone out.