Network News

X My Profile
View More Activity

Zone Alarm Update Fixes Microsoft Patch Problem

Microsoft last week shipped a security update that prevented users of the popular ZoneAlarm firewall products from getting online. ZoneAlarm maker Check Point Software initially told users to uninstall the Microsoft patch, but it has since issued version 7.0.483.0 to fix this problem.

If you have ZoneAlarm set to automatically notify you of software updates, the new version should be offered when you restart the program or Windows. To manually check for updates:

* Open ZoneAlarm and click on the "Check for Update" button.
* Open your ZoneAlarm product interface
* Go to Overview in the left-hand column
* Click on the Preferences tab
* Under "Check for Updates", click the "Check for Update" button.

If you uninstalled the Microsoft update because of this problem, be sure to reinstall the patch (KB951748, a.k.a. MS08-037) after updating ZoneAlarm and rebooting.

I mentioned this compatibility problem at the end of a blog post last Tuesday when Microsoft first issued the patch, along with a link to a ZoneAlarm user forum where company officials were troubleshooting the issue with users. A number of people -- including my stepbrother, who called me over the weekend after his computer got knocked offline because of the Microsoft patch -- felt the problem was serious enough that it should have been called out in a separate blog post. My sincere apologies if this is too-little-too-late for some.

By Brian Krebs  |  July 14, 2008; 11:15 AM ET
Categories:  New Patches  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: A Baker's Dozen of Security Updates for iPhone 2.0
Next: Study: Site Redirects Abundant, Aid Phishers


Oh well. Relatives! What can ya do,eh?

Tell your stepbrother that most of us who
were smacked were able to work through it
on our own. Your blog is always helpful but
you don't have to be a complete handholder.


Posted by: Bill Long | July 14, 2008 12:04 PM | Report abuse

I had this issue as well, but initially thought it was problem with my cable internet through Comcast. I was calling their tech support and before I talked to a person a recorded message mentioned the problem with Zonealarm. I have to give kudos to Comcast (for once) for saving both them and I a lot of time.

Posted by: Comcast | July 14, 2008 12:19 PM | Report abuse

Catch-22: If you open Zone Alarm to get the update, you get disconnected from the internet because you don't have the update.

Posted by: Catawba | July 14, 2008 12:21 PM | Report abuse

For Catch-22, to get the update, move your Internet Zone slider (Firewall tab) in Zone Alarm from High to Medium temporarily. Remember to move it back to High when you are finished to keep maximum ZA protection.

Posted by: Fairfax, VA | July 14, 2008 1:39 PM | Report abuse

i am the brother. how did you work through the problem on your own, bill?

i knew it was a microsoft update after backing up to a restore point and was able to go back online only to perform my ms updates and get knocked off again. i would have then installed the updates one at a time until i found the culprit, but luckily i have brian for my personal tech support. ;) i have no idea how he keeps all the info in his brain that he does. he is super-human.

thanks again, bri. you are the man. now i can go back to wasting time playing online scrabble.

Posted by: eddie | July 14, 2008 1:42 PM | Report abuse

Option 1: Move Internet Zone slider to Medium

1. Navigate to the "ZoneAlarm Firewall" panel
2. Click on the "Firewall" tab
3. Move the "Internet Zone" slider to medium

Option 2: Uninstall the hotfix

1. Click the "Start Menu"
2. Click "Control Panel", or click "Settings" then "Control Panel"
3. Click on "Add or Remove Programs"
4. On the top of the add/remove programs dialog box, you should see a checkbox that says "show updates". Select this checkbox
5. Scroll down until you see "Security update for Windows (KB951748)"
6. Click "Remove" to uninstall the hotfix

Posted by: Anonymous | July 14, 2008 1:44 PM | Report abuse

My internet worked after the update, but for some reason Youtube was blocked. After the ZoneAlarm patch, it works fine.

Posted by: PJ | July 14, 2008 2:52 PM | Report abuse

You are to be commended for this helpful assistance. My wife was cursing Verizon all weekend, claiming they were doing this to her because she refused to upgrade! I told her that was nutty, but she was loaded for bear.

Posted by: frank | July 14, 2008 3:58 PM | Report abuse

I solved my problem by removing zone alarm and downloading and installing COMODO free version of COMDO FIREWALL PRO.

Posted by: L'l John | July 14, 2008 5:20 PM | Report abuse

After restarting several times and messing around with my wireless settings, I called Comcast and they told me what was going on and I was running within seconds. Thanks Comcast.

Thanks for the update on the patch, I'm glad I didn't uninstall the hotfix yet.

Posted by: Gato | July 14, 2008 6:50 PM | Report abuse

I went to the Zonealarm site and downloaded the appropriate newest version of zonealarm (supposed to fix the 'Internet access" problem) w/o moving any firewall tab to "medium" [did not see this].

However, zonealarm will not allow my Firefox browser to access my google homepage if I do not enable mDNSresponder.exe

Posted by: JL | July 14, 2008 7:10 PM | Report abuse

Posted by: TJ | July 14, 2008 9:57 PM | Report abuse

Apparently, I searched my add/remove components and I couldn't find the security update you are mentioning, but I have this problem. Any ideas of what to do?

Posted by: Tom | July 15, 2008 12:07 AM | Report abuse





Posted by: BRUCEREALTOR | July 15, 2008 1:10 AM | Report abuse

I could see via my router that I still had a DSL connection, so I tested the ZA firewall by turning it off. Once I saw that it was ZA, I went to the ZA site which had an alert.

Oddly, I was unable to access for two days thereafter. I note that one comment above referenced a temporary loss of YouTube. Very strange in my view, from a DNS server perspective.

I fault MS for pushing an update that breaks a popular firewall program.

No fault of Brian's, however :)

Posted by: Beck Childs | July 15, 2008 2:30 AM | Report abuse

I had this problem and the ISP did not know about it till yesterday so was withou access for 4 days. There is a problem also with Venturi optimiser provided by the ISP it will let intenet access with zone alarms. Zone alarms have not come up with an answer to the problem.

Posted by: Graeme | July 15, 2008 6:55 AM | Report abuse

After experiencing the problem I did a Restore to the previous day. Then I went to the ZoneAlarm user forum and learned how the problem presented and how to fix it.

This was a serious problem and it would have been appropriate for the ZA vendor to contact us as soon as they knew about it. Not every user goes daily to the ZA forum looking for possible issues.

Posted by: Bartolo | July 15, 2008 7:51 AM | Report abuse

I removed the security update and then turned zone alarm down to medium and got ready to check for updates, but surprise surprise IT WOULDN'T LET ME CONNECT TO THE INERNET TO CHECK FOR UPDATES!!! I am so frustrated i'm ready to get the hammer....

Posted by: Rachel Godman | July 15, 2008 7:59 AM | Report abuse

I also called Comcast support when I lost internet access but I was not that lucky. I was told the problem must be with my modem and I should replace it. So I bought a new modem and when I still could not connect I turned off my Zone Alarm Pro and it worked. It was then that I had the idea to check the Zone Alarm web site and discovered what the problem was and how to fix it.

Posted by: Francis Perey | July 15, 2008 8:00 AM | Report abuse

The ZA debacle shut me down, too. Uninstalling the MS update got me back Firefox3, IE7 and Email via Outlook, but did not restore Opera 9.51, lost when *it* upgraded. The ZA (Security Suite here) update *did* restore Opera, and apparently some other things lost according to the posts.

Posted by: stuart | July 15, 2008 9:33 AM | Report abuse

i got knocked off the internet and i don't even have zone alarm anymore. i used to, and have uninstalled it several times, using windows uninstaller and some other freeware versions. apparently it is still there. so i cannot update my zone alarm, and now i cannot update my windows either. suggestions?

Posted by: graham | July 15, 2008 9:39 AM | Report abuse

had a similar problem recently where add/remove had left elements of a program installed. don't recall what program in particular but was eventually fixed by a Windows repair tool that tracked down all the stray registry entries and removed them. it worked very well, but unfortunately i can't give you an exact link. searching MS help for software removal might do the trick.

Posted by: stuart | July 15, 2008 9:52 AM | Report abuse

Did anyone check TCP/IP settings? A friend found his setting had been changed to use a specific IP address rather than the normal "obtain automatically".

Posted by: bb | July 15, 2008 10:14 AM | Report abuse

I was on the phone with AT&T Tech support for literally hours trying to figure out what had happened. We tried the modem. We tried the drivers. Finally I wondered out loud, "I wonder if my Zone Alarm is blocking the signal." To which the astute tech replied, "Oh, we're having issues with Zone Alarm. Here's the 800 number." This was Monday night. If this had been going on for so long, and it was a Windows issue, why had they not put info into their hold message - and why was it not asked immediately??? I was incredulous. BellSouth had much better tech support before it was bought out by AT&T.

Posted by: JimMc | July 15, 2008 11:28 AM | Report abuse

@ Tom
Just go the the zonealarm website

In the middle of the page you will see a yellow sign (dated July 8, 2008) which addresses the Microsoft update problem. Click on "click here". It will take you to a page where you can download the latest zonealarm product (depends on which one you have. It will install over your old zonealarm.

Then you can install/re-install the MS patch.

Posted by: JL | July 15, 2008 11:34 AM | Report abuse

There seems to be a correlation between the amount of software installed on a system and the increased likelihood of some type of patch causing problems.

I say that because in my own experience of strictly using a policy of limiting the amount of software installed on my system, I have rarely had issues when installing patches. In this case, I do not use a software firewall other than the built in one of XP SP3 (along with a hardware firewall as the main defense). I also do not install all-in-one security suites which typically include their own firewalls.

The point being, by keeping things minimal (in software installation) reduces the system complexity thereby limiting the chances of some incompatibility. Not to mention it simplifies the amount of software that needs patching and keeps the system running lean and mean as it's not bogged down with software processes running in the background or taking up hard drive space or loading up the registry with garbage.

Posted by: TJ | July 15, 2008 11:44 AM | Report abuse

I did the same as Lil' John; removed ZoneAlarm and installed Comodo. What really ticked me off was not the problem itself, but ZoneAlarm's lack of response. Even before providing a solution, the company should immediately have emailed its customers to indicate there was a problem and that they were working on it. The lack of communication more than a lack of an immediate solution is something all companies should beware.

Posted by: Alan Dean Foster | July 15, 2008 11:51 AM | Report abuse

I just spent too long on the phone with Comcast to get this figured out. He was nice and helpful but I had mentioned that I had just done Windows updates and he only thought of the Zone Alarm thing after we'd tried a bunch of other stuff. And I know a lot of the people he talks to don't know a modem from a hole in the ground, but I didn't appreciate being talked to like I was one of them after I thought I'd made it clear that I knew a thing or two. Oh well, I'm back online.

Posted by: A | July 15, 2008 4:34 PM | Report abuse

I was just commenting to my co-workers today that something was up with ZoneAlarm, because suddenly I couldn't connect to any network drives with it running. I have done enough work testing network stuff to know that ZA is the first thing you turn off if you are having connection issues. I wonder if the Windows firewall had the same problem, or if this was MS "accidently" breaking a competitor's product.

Posted by: Zap B. | July 15, 2008 5:12 PM | Report abuse

I guess my experience was atypical. The update came through first thing in AM and I installed it. After reboot I couldn't connect to the internet, but the error message was different than the normal one I would get if it was a modem, broadband or internet problem. I immediately thought that the only thing that changed was the update. I removed it, rebooted and all was fine. It took me a few minutes to figure this out and I'm not a computer professional. Why did so many people struggle for so long? Is it not knowing their systems? I'm not bragging, just curious.

Posted by: ERS | July 15, 2008 5:48 PM | Report abuse

My computer locked up when I booted up. I managed to shut down Zone Alarm, do a system restore, uninstall Zone Alarm, and install AVG. Zone Alarm has been buggy lately anyway and it gave me the excuse to get rid of it.

Posted by: nkyphotos | July 15, 2008 5:55 PM | Report abuse

I'm surprised none of these posts expresses any outrage at either Zone Alarm or Microsoft for their arrogant advice for a fix: either set ZA to a lower level of firewall protection or uninstall a critical MS security update. Now that's brilliant. Two choices, both of which significantly compromise the security of my computer. When I rang Microsoft tech support last week (after getting nowhere with my ISP) the techie said, "Well just change your firewall protection to medium," as if I was a dummy not to know that the solution was to make my computer more vulnerable to attack.
Yes, I agree with four stepbrother. I think you dropped the ball on not holding SA and MS's feet to the fire on this.

Posted by: July 16 | July 15, 2008 6:26 PM | Report abuse

This all made me very mad. I spent two days restarting my computer and unplugging all the cords to try and reset my internet connection. A friend finally told me about the problem with Zonealarm, so I had to turn off Zonealram, go on the internet unprotected and get the update. When I finally did all that, the updated Zonealarm froze my whole computer up, it was sooo slow. I have since uninstalled ZoneAlarm Security Suite (which i paid enough money for in January) and bought Norton Internet Security 2008. I am so mad with the Zonealarm company. Why didn't they send me an email to tell me about the problem? (becuase I did use my office comp during this time). And why did they rush the update to fix this problem, because the update screwed up the rest of my computer. I will never use Zonealram again!!

Posted by: johnjohn | July 15, 2008 6:48 PM | Report abuse

@johnjohn Good luck with Norton 2008 - it messed up my computer so badly that I had to get rid of it.

Posted by: JBV | July 15, 2008 7:02 PM | Report abuse

The link doesn't work for me. I'll click on it but I get the same message I've always gotten.......and I get nowhere.

At this point I'd rather dump ZA completely and go with something else.

Posted by: To JL | July 15, 2008 10:21 PM | Report abuse


I suspect jumping from one security suite to another isn't going to solve much. But what you describe in your post is a good example of what I posted previously on reducing system complexity by limiting the software installed on a system.

"problem with Zonealarm, so I had to turn off Zonealram, go on the internet unprotected and get the update."

This is why you should NEVER rely on ONLY a software firewall to protect you. Best practice of defense in depth dictates a hardware firewall as a first line of defense (on the perimeter).

Posted by: TJ | July 15, 2008 10:30 PM | Report abuse

to JBV, Norton is working great for me so far.

to TJ, my comp is working fine now, in fact, the second that i shut off zonealarm to uninstall it, my computer stopped freezing up. I hope Norton is a good program. And now that I think about it i probably wasn't completely unprotected without zonealarm - I have a Belkin router which i assume has a hardware firewall.

Thanks everyone, keep replying to my previous post, I love this internet chit chat lol


Posted by: johnjohn | July 15, 2008 11:27 PM | Report abuse

I think Zap B. said it best (Posted by: Zap B. | July 15, 2008 5:12 PM)
".... I wonder if the Windows firewall had the same problem, or if this was MS "accidently" breaking a competitor's product....".

MicroSoft has demonstrated many times over the various releases of their Windows OS products that they don't really give a "..Big R.. A..." about third party competitor's products problems with their OS upgrades or Hot Fixes.

I work in IT. I am a so called "Dinosaur Admin" (IBM Mainframe SysAdmin) but also responsible for network and desktop support. IBM issues their version of Hot Fixes called PTF's (Program Temporary Fixes). A couple of decades ago, a lot of us called them "Poorly Tested Fixes". I think Microsoft should start calling their Hot Fixes "PTFs" as well.

But to the problem at hand.

I have three systems at different WinXP SP2 versions (work - XP/Pro; Home - XP/HomeEdition and XP/MediaCenter) and they all reacted differently to the MS KB951748 update. XP Pro and HomeEdition would circumvent and allow the ZoneAlarm update and Internet Zone access in Internet Security Medium setting.

XP/MediaCenter failed at all ZA Internet Security levels, including OFF, and would only download the ZA update with ZA terminated (and Windows Firewall turned ON - I'm no dummy).

All three versions of XP work fine after upgrading ZoneAlarm (Free and Security Suite) to V7.0.483.000.

I use both hardware (LinkSys WiFi Router) and software (ZoneAlarm) firewalls for security at home. I have used several software firewalls and find the ZoneAlarm firewall product to be the most configurable. In my personal estimation, MS is the worst and Symnantec is only a few notches better than MS from a configurable standpoint. I am sticking with ZoneAlarm at all XP levels.

Posted by: silverfox | July 15, 2008 11:53 PM | Report abuse


The link doesn't work for me. I'll click on it but I get the same message I've always gotten.......and I get nowhere.

At this point I'd rather dump ZA completely and go with something else.

Posted by: Tom | July 16, 2008 12:02 AM | Report abuse

Re the MS Update vs. ZoneAlarm no-connect debacle of last Tuesday: I don't have ZA, never have, but I do have Symantec. I read the accompanying text about all three updates carefully, then d/l'd them & all seemed to go well. After re-starting my laptop, I decided to update the Symantec, then run my regular Symantec "Quick Scan". Guess what? The update wouldn't run after seeming to load about 3/8's of the bar, with an error notice telling me it couldn't connect to the 'net. Strangely, nothing else seemed affected: IE7 hooked up fine, could surf all sorts of places, just no Symantec update. Googled the MS updates, read about the ZA probs, decided to pull 2 of the 3 updates out by the roots. Since then, no issues: Symantec updates, loads, runs, scans.

Now, for my question: what the heck is going on here?

Posted by: Neon Java | July 16, 2008 12:06 AM | Report abuse

Thanks for the heads up. I hadn't noticed the Windows Update and was frustrated as to why the one PC was out of the loop on my network (Roku, 360, and Mac all working fine). I've been having problems with my cable modem and my Zone Alarm subscription had run out. I had thought maybe ZA screwed it up since I hadn't paid up. ;) Smarmy first comments are not helpful, but what can you do, eh!?!?!

Posted by: HP | July 16, 2008 1:10 AM | Report abuse

I updated ZA, reinstalled the patch, and now -surprise surprise- the result is the same. My internet connection is dead as long as I keep ZA internet settings on high. Suggestions?

Posted by: Lily | July 16, 2008 3:42 AM | Report abuse

Try leaving the Internet Zone Security on high, but move the Trusted Zone Security to medium. I think that is what ZA recommends and that is where my settings are and I have no problems.

Posted by: JL | July 16, 2008 8:43 AM | Report abuse

Interesting reading!!! I am completely computer illiterate when it comes to knowing about all the features like upgrades, etc. The installations I have on my computer are the ones my son set up for me when I got this computer a couple of years ago. He is very knowledgeable, but not around right now.

We recently moved and switched to a different internet provider, so when I started having trouble connecting to the internet I just assumed it was the new provider. I could get online occasionally, but then I would lose the connection at any point -- no rhyme or reason that I could tell. It was so frustrating. I was randomly looking around at some point and saw the System Restore feature and gave that a try...I set it to a day last week that I knew I had gotten on with no problem and then I was able to get online. After a while the same connection problem started up again though, so as I said it has been very frustrating.

This morning I was trying to get online and I noticed that my computer had a very strong wireless connection but I could not connect to the internet. The Zone Alarm icon caught my attention and I clicked on it...I decided "what the heck" and turned it off to see what that would do. Immediately I was able to get online!!! BUT now the Zone Alarm icon is gone and I have no idea how to get it back or what to do at this point.

Any words of advice...IN VERY BASIC TERMS? BTW, I never use this computer for anything important or put in any information that could cause a problem, but I still feel I would like to have some kind of protection. Thank you.

Posted by: Rose | July 16, 2008 9:22 AM | Report abuse

Just want to say thank-you!

I spent hours trying to resolve w/ Comcast last Wednesday & Thursday (they even sent a tech over). We ultimately did a system restore (back to the prior Tuesday), which worked until the next morning when MS automatically reinstalled, leaving me once again without internet access.

I'd been waiting a week for help from a techie relative, when my BIL forwarded me your blog. Brian's instructions worked fine once I followed the Catch 22 ZA advice.

Thank-you Brian & "Fairfax, VA" you guys rock!!

Posted by: Traci | July 16, 2008 3:35 PM | Report abuse

Well, I finally had to turn off automatic updates from my pc, after deleting the latest update from microsoft. I can only imagine how frustrated and angry Zone Alarm must be with all the disgruntled users blaming them, when it is not their fault! Who knows, maybe microsoft deliberately designed their update to mess up Zone Alarm, since Zone Alarm is one of the top leading firewall and virus systems out on the market. Who knows what spyware may be implanted in the latest microsoft update, and they don't like how Zone Alarms program works to prevent such spyware etc. I've had Zone Alarm for years and love it, and I also like to keep it on full stealth mode, so I will not follow the direction of some to keep it on medium level, so microsoft updates can work.

My next pc will be a Mac, because I'm sick of Microsoft!!!

Posted by: Microsoft Monster | July 19, 2008 11:21 AM | Report abuse

I've found that ZA has always been a problem; so I changed. There are many pgms our there that do the same or similar things w/o all the problems that ZA seem to have.


Posted by: Eli Baker | July 20, 2008 10:19 AM | Report abuse

To Rose - you wanted to know how to turn Zone Alarm back on. After you turn your computer off, Zone Alarm will automatically come back on when you start up again.

If you do not want to turn your computer off, just click on the START button, then on PROGRAMS, then on ZONE ALARM. If you get another drop down box, click on ZONE ALARM in the drop own box. It will start right up for you.

Posted by: Nancy | July 20, 2008 10:31 AM | Report abuse

The Zone Alarm update is not for the free basic version. It's for the Security Suite, which I don't need or want. Sooo... no update for the free version I suppose?

Posted by: DMC | July 20, 2008 12:06 PM | Report abuse

The Zone Alarm update is for all versions. Go to

Then download the Zonealarm Basic Firewall.

Posted by: JL | July 20, 2008 5:34 PM | Report abuse

Is it any wonder why end users loathe all this patching and so many refuse to do it? The risk from hackers and mal-formed web pages *might* cause you computer problems but MS updates are *guaranteed* to cause problems. I still don't get why so many people are using PC's (XP & Vista) that can be shut down remotely at the whim of MS (WGA - We Got your A$$). Linux forever!

Posted by: Peggy Miller | July 21, 2008 12:14 PM | Report abuse

"The risk from hackers and mal-formed web pages *might* cause you computer problems but MS updates are *guaranteed* to cause problems."

You have that backwards! :)

"Is it any wonder why end users loathe all this patching and so many refuse to do it?"

Do so at your own peril. Patching is one layer of defense in a defense in depth strategy. By not patching, you are only increasing your risk and giving the bad guys a chance in exploiting a vulnerability and compromising your system.

Posted by: TJ | July 23, 2008 12:37 PM | Report abuse

ukoapds ycnbrdi ivztrgc beygp job nursing psychiatric job nursing recruiter us job nursing registered

Posted by: job nursing registered | July 30, 2008 10:22 AM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company