FIX for ZoneAlarm & KB951748 issue released

[John John (MVP)]

Re: FIX for ZoneAlarm & KB951748 issue released

Kayman wrote:

> On Fri, 18 Jul 2008 12:43:26 -0300, John John (MVP) wrote:
>
> <snip for brevity>
>
>>>>Before Windows XP what were people using?
>>>
>>>I don't know but *I* was using a 3rd party (so-called) firewall application
>>>and (incidentally) Registry Cleaner
>>
>>What do registry cleaners have to do with firewalls? Why are you even
>>mentioning them here, if only as a feeble attempt to muddle the issue?
>
>
> John, John (MVP), as I mentioned in a preceding thread, you can't be very
> intelligent and your lateral thinking capabilities are vitually not
> existent! Prior NT these apps were basically regarded essential tools.
> Don't you you know the meaning of *"incidentally"*?


The best you can do now is resort to personal attacks, says a lot about you.

The point to be made is that before XP was released third party firewall
products were the only alternative to hardware firewalls, many of these
third party firewall products were good and many were free. These were
trusted applications from trusted companies. Then, overnight, just
because Windows XP was released, in the eyes of a zealous few these
companies became villains peddling worthless products! A couple of
individuals decided to tar and feather a whole ISV group with the same
wide brush! That is wrong, absolutely wrong, and the attack on some of
those ISVs is completely unwarranted, those ISVs were trusted companies
the day before XP hit the market and they were no less trustworthy the
day after XP was released. Much of the hype against those ISVs is
nothing more than blind zealotry!

There is also a developing and troubling trend in this whole debate, one
that some people are bent on spreading at all costs, that because
software firewalls are not immune to exploits by malware attempting to
send data to outside networks, then by simple deduction any and all
egress filtering as a security concept is unnecessary. Egress filtering
at the perimeter, done by reliable network appliances, is a vital part
of network security, without proper egress control your network security
is incomplete, ignore egress traffic at your own perils! Maybe you do
not value your data, but others do! In a perfect world there would be
no pests, no virus, worms, or trojans. No one would try to pry at your
private data and malicious attacks against computers would be non
existent. Of course we don't live in a perfect world and people are
going to continue to get infected with all kinds of pests and some of
those pests will attempt to steal private data, the value of egress
control has not diminished when Windows XP was released, over the years
the need for proper egress filtering has not diminished or vanished, it
has increased.

John

 

[Paul (Bornival)]

Re: FIX for ZoneAlarm & KB951748 issue released

"Harry Johnston [MVP]" wrote:

> V Green wrote:
>
> > ZA WORKED before the update. The update BROKE it.
> > So it's ZA's problem?
>
> Strictly speaking, ZA prevented the update from functioning properly. For the
> record, according to my best understanding of the technical details of the
> conflict, even if Microsoft had known about the issue there wasn't anything they
> could have done about it.
>
> Harry.
>

Where can we find the technical details of the incompatibility. I have been
looking hard but have not found anything relevant so far (or so vague you
can't understand what is going on).

 

[Harry Johnston [MVP]]

Re: FIX for ZoneAlarm & KB951748 issue released

Paul (Bornival) wrote:

> Where can we find the technical details of the incompatibility. I have been
> looking hard but have not found anything relevant so far (or so vague you
> can't understand what is going on).

I believe there is some information on the ZoneAlarm forums, and there's been a
fair bit of discussion in microsoft.public.windowsupdate.

The quick summary, as I understand it, is that ZoneAlarm couldn't cope with the
fact that the update modified some of the system files associated with internet
access. It wasn't anything specific about the way they were changed, simply the
fact that they had changed.

Harry.

 

[Kayman]

Re: FIX for ZoneAlarm & KB951748 issue released

On Sun, 20 Jul 2008 10:57:01 -0700, Paul (Bornival) wrote:

> "Harry Johnston [MVP]" wrote:
>
>> V Green wrote:
>>
>>> ZA WORKED before the update. The update BROKE it.
>>> So it's ZA's problem?
>>
>> Strictly speaking, ZA prevented the update from functioning properly. For the
>> record, according to my best understanding of the technical details of the
>> conflict, even if Microsoft had known about the issue there wasn't anything they
>> could have done about it.
>>
>> Harry.
>>
>
> Where can we find the technical details of the incompatibility. I have been
> looking hard but have not found anything relevant so far (or so vague you
> can't understand what is going on).

Informative reading:

Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor Patch
Released
http://securosis.com/2008/07/08/dan...ue-in-dns-massive-multivendor-patch-released/

"Dan Kaminsky was finally successful in getting the security research
community to back his claims to the design flaw with DNS."
http://tech.blorge.com/Structure: /2008/07/11/skepticism-relieved-with-dns-bug/

DNS flaw discoverer says more permanent fixes will be needed
Current patch options merely stopgaps; worst attacks likely on the way
http://www.computerworld.com/action...ewArticleBasic&articleId=9110284&pageNumber=1

Just a quick note...
http://www.doxpara.com/

Multiple DNS implementations vulnerable to cache poisoning
http://www.kb.cert.org/vuls/id/800113

 

[Kayman]

Re: FIX for ZoneAlarm & KB951748 issue released

On Sun, 20 Jul 2008 10:24:26 -0300, John John (MVP) wrote:

> Kayman wrote:
>
>> On Fri, 18 Jul 2008 12:43:26 -0300, John John (MVP) wrote:
>>
>> <snip for brevity>
>>
>>>>>Before Windows XP what were people using?
>>>>
>>>>I don't know but *I* was using a 3rd party (so-called) firewall application
>>>>and (incidentally) Registry Cleaner
>>>
>>>What do registry cleaners have to do with firewalls? Why are you even
>>>mentioning them here, if only as a feeble attempt to muddle the issue?
>>
>>
>> John, John (MVP), as I mentioned in a preceding thread, you can't be very
>> intelligent and your lateral thinking capabilities are vitually not
>> existent! Prior NT these apps were basically regarded essential tools.
>> Don't you you know the meaning of *"incidentally"*?
>
>
> The best you can do now is resort to personal attacks, says a lot about you.

Nonsense, the "attacks" are nothing but observations based on *your*
immature and ill informed responses! In any case, you made your own bed!
You started this by calling me names (remember?)...I can only assume you
were smoking this stuff (i.e. crack & pot).

> The point to be made is that before XP was released third party firewall
> products were the only alternative to hardware firewalls, many of these
> third party firewall products were good and many were free.

Yes, as I had mentioned many times previously - *Prior NT*!

> These were trusted applications from trusted companies.

I wouldn't go that far, but admittedly some of these software were suitable
for platforms prior NT.
(Which company did you say you are representing?)

> Then, overnight, just
> because Windows XP was released, in the eyes of a zealous few these
> companies became villains peddling worthless products! A couple of
> individuals decided to tar and feather a whole ISV group with the same
> wide brush! That is wrong, absolutely wrong, and the attack on some of
> those ISVs is completely unwarranted, those ISVs were trusted companies
> the day before XP hit the market and they were no less trustworthy the
> day after XP was released. Much of the hype against those ISVs is
> nothing more than blind zealotry!

You rant is (again) embarrassing. And *YES*, with the introduction of XP
these 3rd party personal (so-called) firewalls became superfluous [PERIOD]!
The makers of these Illusion Ware recognized this very quickly. The dollar
almighty is their foremost motivation, not users' security..hence the hype!
(by which you're blinded with).

> There is also a developing and troubling trend in this whole debate, one
> that some people are bent on spreading at all costs, that because
> software firewalls are not immune to exploits by malware attempting to
> send data to outside networks, then by simple deduction any and all
> egress filtering as a security concept is unnecessary. Egress filtering
> at the perimeter, done by reliable network appliances, is a vital part
> of network security, without proper egress control your network security
> is incomplete, ignore egress traffic at your own perils!

Fact:
Outbound control on an XP platform as a security measure against malware is
still utter nonsense.
The windows platform was designed with usability in mind providing all
kinds of possibilities for e.g. inter-process communication. This
together with the very high probability that the user is running with
unrestricted rights makes it impossible to prevent malware allowed to
run and determined to by-pass any outbound "control" (which, of course
modern malware is) from doing so. It's simply too unreliable to
qualify as a security measure.

Fact:
Malware must be stopped at the front door and *NOT* allowed to run
believing that its behavior can be somehow "controlled". In a
multi-purpose OS like windows with all programs running with
unrestricted rights, if program A can control program B, what prevents
program B from controlling program A (or C which A has already granted
permission for that matter)? (thx RK)

> Maybe you do not value your data, but others do!

There you go *again*, another "crystal ball" statement!
You don't know *my* values! And you're really talking about *YOU*, now
don't you?

> In a perfect world there would be
> no pests, no virus, worms, or trojans. No one would try to pry at your
> private data and malicious attacks against computers would be non
> existent. Of course we don't live in a perfect world and people are
> going to continue to get infected with all kinds of pests and some of
> those pests will attempt to steal private data, the value of egress
> control has not diminished when Windows XP was released, over the years
> the need for proper egress filtering has not diminished or vanished, it
> has increased.

Fact:
The only reasonable way to deal with malware is to prevent it from being
run in the first place. That's what AV software or Windows' System
Restriction Policies are doing. And what 3rd party Personal (so-called)
Firewalls fail to do!

John John (MVP), would you please educate and inform yourself by studying
publications not associated with any COMMERCIAL influence. Additionally,
the authors of these publications can be contacted....why don't you bite
the bullet and do so? It'll brighten your horizon and you could pass on
your newly acquired knowledge to this and other newsgroups.

You may wish to utilize this:
Configuring NT-services much more secure.
http://www.ntsvcfg.de/ntsvcfg_eng.html

 

[Root Kit]

Re: FIX for ZoneAlarm & KB951748 issue released

On Sun, 20 Jul 2008 10:24:26 -0300, "John John (MVP)"
<audetweld@nbnet.nb.ca> wrote:

>The point to be made is that before XP was released third party firewall
>products were the only alternative to hardware firewalls

That's not entirely true. You are missing the obvious (and in fact
most secure) alternative of shutting down the unneeded network
services (which should of course have been the windows default
setting). I used to run a W2K machine with a direct Internet
connection without any inbound "protection" at all and without
problems for several years. And to be honest, still today I wouldn't
loose any sleep over operating a hardened W2K client machine directly
on the net.

>These were trusted applications from trusted companies.

I guess that's an opinion open for debate.

>Then, overnight, just because Windows XP was released, in the eyes of a
>zealous few these companies became villains peddling worthless products!

That's also not true. They were highly criticized among specialists
already before that. It's just hard to get through the marketing
noise.

>A couple of individuals decided to tar and feather a whole ISV group with the same
>wide brush! That is wrong, absolutely wrong, and the attack on some of
>those ISVs is completely unwarranted, those ISVs were trusted companies
>the day before XP hit the market and they were no less trustworthy the
>day after XP was released. Much of the hype against those ISVs is
>nothing more than blind zealotry!

I think it's absolutely fair that some people stand up against the
obvious hype and in cases utter nonsense that the marketing
departments of these companies were and are still using to fool less
knowledgeable users into buying their products. I find it a bit
worrying that an MVP does not have the technical insight to see
through the smoke.

I've asked this before without getting any responses: Why are there no
web pages with listings of personal firewall software available for
Linux? Well, don't bother. I already know the answer.

Please understand that I'm not in any way trying to "defend" MS. I
fully recognize that windows has it's serious security flaws. But when
claiming that it can be made more secure by adding further highly
questionable code to it, one has stepped away from technical sense and
into emotional reasoning - often backed by non-applicable analogies.

>There is also a developing and troubling trend in this whole debate, one
>that some people are bent on spreading at all costs, that because
>software firewalls are not immune to exploits by malware attempting to
>send data to outside networks, then by simple deduction any and all
>egress filtering as a security concept is unnecessary.

Who is that? - I for sure have not been spreading that thought.

>Egress filtering at the perimeter, done by reliable network appliances, is a vital part
>of network security,

Agreed.

 

[Root Kit]

Re: FIX for ZoneAlarm & KB951748 issue released

On Mon, 21 Jul 2008 07:41:27 +0700, Kayman
<kaymanDeleteThis@operamail.com> wrote:

>> The point to be made is that before XP was released third party firewall
>> products were the only alternative to hardware firewalls, many of these
>> third party firewall products were good and many were free.
>
>Yes, as I had mentioned many times previously - *Prior NT*!

In fact even the windows 9x platform usually didn't need any packet
filtering. You'd just have to unbind any network service from your
network interface that you didn't want.

 

[John John (MVP)]

Re: FIX for ZoneAlarm & KB951748 issue released

Kayman wrote:

> Fact:
> The only reasonable way to deal with malware is to prevent it from being
> run in the first place. That's what AV software or Windows' System
> Restriction Policies are doing. And what 3rd party Personal (so-called)
> Firewalls fail to do!
>
> John John (MVP), would you please educate and inform yourself by studying
> publications not associated with any COMMERCIAL influence. Additionally,
> the authors of these publications can be contacted....why don't you bite
> the bullet and do so? It'll brighten your horizon and you could pass on
> your newly acquired knowledge to this and other newsgroups.

Only a fool would claim that proper egress control has no place in
network security. Even the experts at Microsoft advise users to protect
their data with egress control. You, of course, also know better than
the folks at Microsoft.

John

 

[Root Kit]

Re: FIX for ZoneAlarm & KB951748 issue released

On Mon, 21 Jul 2008 09:14:31 -0300, "John John (MVP)"
<audetweld@nbnet.nb.ca> wrote:

>Only a fool would claim that proper egress control has no place in
>network security. Even the experts at Microsoft advise users to protect
>their data with egress control.

Beside of the fact that "Only a fool would claim..." marks the
beginning of a non-argument - who are you addressing here? I don't
recall anyone making the claim you're stating.

 

[Kayman]

Re: FIX for ZoneAlarm & KB951748 issue released

On Mon, 21 Jul 2008 09:14:31 -0300, John John (MVP) wrote:

> Kayman wrote:
>
>> Fact:
>> The only reasonable way to deal with malware is to prevent it from being
>> run in the first place. That's what AV software or Windows' System
>> Restriction Policies are doing. And what 3rd party Personal (so-called)
>> Firewalls fail to do!
>>
>> John John (MVP), would you please educate and inform yourself by studying
>> publications not associated with any COMMERCIAL influence. Additionally,
>> the authors of these publications can be contacted....why don't you bite
>> the bullet and do so? It'll brighten your horizon and you could pass on
>> your newly acquired knowledge to this and other newsgroups.
>
> Only a fool...

You just can't help yourself, can you.
Name calling does not hide your immaturity.

> ...would claim that proper egress control has no place in network security.

Where precisely did I claim that?

> Even the experts at Microsoft advise users to protect their data with
> egress control.

Which 3rd party personal (so-called) firewall is MSFT recommending?
Where are links, URL's, publications?

> You, of course, also know better than the folks at Microsoft.

Your assumption is nothing but an assumption (you've got to replace that
crystal ball). And who in particular from MSFT are you referring to? I'd be
genuinely interested to read their write-ups. If you're referring to the
authors already mentioned in this thread, please point me to their
publication(s) which state that 3rd party personal (so-called) firewall is
an effective tool for controlling egress traffic.
It seems you either totally not understanding my point or deliberately
evading the issue!
MSFT knows exactly well that outbound application protection is an
illusion, which is why they don't offer such a (phony-baloney) thing.
Unlike you, they understand the nature of their operating system, and are
even honest enough to admit that outbound control is way too unreliable.
Even commercial enterprises like Sunbelt, makers of Kerio and Steve Gibson
of Gibson Research Corporation have finally conceded this fact!
Now don't change directions here and twist this straightforward post into a
convoluted psychedelic drivel.
John John (MVP), WHERE IS THE BEEF? SHOW US THE MONEY! PUT UP OR SHUT UP!

 

[Paul (Bornival)]

Re: FIX for ZoneAlarm & KB951748 issue released

"Kayman" wrote:

> > Where can we find the technical details of the incompatibility. I have been
> > looking hard but have not found anything relevant so far (or so vague you
> > can't understand what is going on).
>
> Informative reading:
>
> Dan Kaminsky Discovers Fundamental Issue In DNS: ...

Thank you. But I have actually read all those documents. What I was
interested in was to understand the technical (ral) reason for the
incompatibility of ZA with KB951748.

 

[Paul (Bornival)]

Re: FIX for ZoneAlarm & KB951748 issue released

"Harry Johnston [MVP]" wrote:

> Paul (Bornival) wrote:
>
> > Where can we find the technical details of the incompatibility. I have been
> > looking hard but have not found anything relevant so far (or so vague you
> > can't understand what is going on).
>
> I believe there is some information on the ZoneAlarm forums, and there's been a
> fair bit of discussion in microsoft.public.windowsupdate.
>
> The quick summary, as I understand it, is that ZoneAlarm couldn't cope with the
> fact that the update modified some of the system files associated with internet
> access. It wasn't anything specific about the way they were changed, simply the
> fact that they had changed.
>
> Harry.


Thank you for your reply. I checked these forums but could not find
specific information. Do you know which files were modified and why ZA could
not cope with them ?

 

[John John (MVP)]

Re: FIX for ZoneAlarm & KB951748 issue released

Kayman wrote:
> On Mon, 21 Jul 2008 09:14:31 -0300, John John (MVP) wrote:
>
>
>>Kayman wrote:
>>
>>
>>>Fact:
>>>The only reasonable way to deal with malware is to prevent it from being
>>>run in the first place. That's what AV software or Windows' System
>>>Restriction Policies are doing. And what 3rd party Personal (so-called)
>>>Firewalls fail to do!
>>>
>>>John John (MVP), would you please educate and inform yourself by studying
>>>publications not associated with any COMMERCIAL influence. Additionally,
>>>the authors of these publications can be contacted....why don't you bite
>>>the bullet and do so? It'll brighten your horizon and you could pass on
>>>your newly acquired knowledge to this and other newsgroups.
>>
>>Only a fool...
>
>
> You just can't help yourself, can you.
> Name calling does not hide your immaturity.
>
>
>>...would claim that proper egress control has no place in network security.
>
>
> Where precisely did I claim that?
>
>
>>Even the experts at Microsoft advise users to protect their data with
>>egress control.
>
>
> Which 3rd party personal (so-called) firewall is MSFT recommending?
> Where are links, URL's, publications?
>
>
>>You, of course, also know better than the folks at Microsoft.
>
>
> Your assumption is nothing but an assumption (you've got to replace that
> crystal ball). And who in particular from MSFT are you referring to? I'd be
> genuinely interested to read their write-ups. If you're referring to the
> authors already mentioned in this thread, please point me to their
> publication(s) which state that 3rd party personal (so-called) firewall is
> an effective tool for controlling egress traffic.
> It seems you either totally not understanding my point or deliberately
> evading the issue!
> MSFT knows exactly well that outbound application protection is an
> illusion, which is why they don't offer such a (phony-baloney) thing.
> Unlike you, they understand the nature of their operating system, and are
> even honest enough to admit that outbound control is way too unreliable.
> Even commercial enterprises like Sunbelt, makers of Kerio and Steve Gibson
> of Gibson Research Corporation have finally conceded this fact!
> Now don't change directions here and twist this straightforward post into a
> convoluted psychedelic drivel.
> John John (MVP), WHERE IS THE BEEF? SHOW US THE MONEY! PUT UP OR SHUT UP!

You constantly shift the discussion from the value of proper egress
filtering to software firewalls, even though I have said right from the
start that egress filtering at the firewall can be foiled and that users
should consider better methods. So get it in your thick skull, egress
filtering at a perimeter appliance is a sound security measure, even the
folks at Microsoft will tell you this:
http://msdn.microsoft.com/en-us/library/aa302431.aspx

Now maybe you should read what is says there and get a grip on yourself,
you don't know all that there is to know about network security and data
protection! Quite frankly you should not be one to speak of drivel, you
spew enough of it yourself! If you are really too stupid to recognize
the purpose and usefulness of egress traffic control then you are indeed
lacking in the basics of network and data security!

John

 

[Harry Johnston [MVP]]

Re: FIX for ZoneAlarm & KB951748 issue released

John John (MVP) wrote:

> You constantly shift the discussion from the value of proper egress
> filtering to software firewalls, even though I have said right from the
> start that egress filtering at the firewall can be foiled and that users
> should consider better methods. So get it in your thick skull, egress
> filtering at a perimeter appliance is a sound security measure, [...]

As far as I recall, nobody in this thread has ever said otherwise. The
discussion is about software firewalls, after all!

Harry.

 

[Harry Johnston [MVP]]

Re: FIX for ZoneAlarm & KB951748 issue released

Paul (Bornival) wrote:

> Thank you for your reply. I checked these forums but could not find
> specific information. Do you know which files were modified and why ZA could
> not cope with them ?

The Microsoft KB article describes the files that the update replaces:

http://support.microsoft.com/kb/951748

<http://support.microsoft.com/kb/951748>

I haven't confirmed this myself, but my understanding is that ZA assumed that
the changes were due to malware infection and refused to use the files.

Harry.

 

[Paul (Bornival)]

Re: FIX for ZoneAlarm & KB951748 issue released

nOh, thank you.
Any idea why ZA assumed those changes were due to malware infection. I like
to know the details sice, after all, software is not "magic" but somethig
made by a human (and therefore, intelligible by another human) to be used by
a machine (and not the opposite).
Paul.

"Harry Johnston [MVP]" wrote:

> Paul (Bornival) wrote:
>
> > Thank you for your reply. I checked these forums but could not find
> > specific information. Do you know which files were modified and why ZA could
> > not cope with them ?
>
> The Microsoft KB article describes the files that the update replaces:
>
> http://support.microsoft.com/kb/951748
>
> <http://support.microsoft.com/kb/951748>
>
> I haven't confirmed this myself, but my understanding is that ZA assumed that
> the changes were due to malware infection and refused to use the files.
>
> Harry.
>

 

[Root Kit]

Re: FIX for ZoneAlarm & KB951748 issue released

On Tue, 22 Jul 2008 08:10:00 +1200, "Harry Johnston [MVP]"
<harry@scms.waikato.ac.nz> wrote:

>I haven't confirmed this myself, but my understanding is that ZA assumed that
>the changes were due to malware infection and refused to use the files.

Firewalls should just deal with network traffic. The fact that ZA has
to resort to HIPS technology speaks volumes about what business they
got themselves into.

 

[John John (MVP)]

Re: FIX for ZoneAlarm & KB951748 issue released

Harry Johnston [MVP] wrote:
> John John (MVP) wrote:
>
>> You constantly shift the discussion from the value of proper egress
>> filtering to software firewalls, even though I have said right from
>> the start that egress filtering at the firewall can be foiled and that
>> users should consider better methods. So get it in your thick skull,
>> egress filtering at a perimeter appliance is a sound security measure,
>> [...]
>
>
> As far as I recall, nobody in this thread has ever said otherwise. The
> discussion is about software firewalls, after all!
>
> Harry.

Read Kayman's posts, specifically:


John said:

>>There is also a developing and troubling trend in this whole debate, one
>>> that some people are bent on spreading at all costs, that because
>>> software firewalls are not immune to exploits by malware attempting to
>>> send data to outside networks, then by simple deduction any and all
>>> egress filtering as a security concept is unnecessary. Egress filtering
>>> at the perimeter, done by reliable network appliances, is a vital part
>>> of network security, without proper egress control your network security
>>> is incomplete, ignore egress traffic at your own perils!


Kayman said:

> Fact:
> Outbound control on an XP platform as a security measure against malware is
> still utter nonsense.
> The windows platform was designed with usability in mind providing all
> kinds of possibilities for e.g. inter-process communication. This
> together with the very high probability that the user is running with
> unrestricted rights makes it impossible to prevent malware allowed to
> run and determined to by-pass any outbound "control" (which, of course
> modern malware is) from doing so. It's simply too unreliable to
> qualify as a security measure.

Does that not say that "any" outbound control (egress control) is "utter
nonsense that is too unreliable to qualify as a security measure"? The
comment was made in direct reply to my statement that egress filtering
at the perimeter was a vital part of network security, how else can you
interpret Kayman's reply?

John

 

[Phyllis]

Re: FIX for ZoneAlarm & KB951748 issue released

I replaced my wireless router and seems to have fixed the problems that I
was having. Hugh coincidence that my router would start to die at the same
time that everyone else started having problems with latest update.

Thanks for your help.

"PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
news:u53wtES5IHA.2332@TK2MSFTNGP03.phx.gbl...
> I'm not giving you attitude, I just need you to answer my questions,
> Phyllis. If you'd like to get voluntary or paid assistance elsewhere,
> please so do.
>
>> ...I believe you should know that SP3 became available before July
>> 8, 2008
>
> SP3 was made available via Windows Update website on or about 07 May-08,
> and
> for a very bried period was being offered to *some* users who'd configured
> Automatic Updates (AU) to "Download but notify" and "Notify Only."
>
> SP3 was made available to all users, independent of their AU settings, at
> 17:00 UTC, 10 Jul-08.
>
>> NO, it is not only after standby that it occurs...
>
> Thank you for answering my specific question.
>
>> I cleaned my machine of all files/traces of Norton after I uninstalled
>> via
>> Add/Remove Programs, but will download/run the removal tool that you
>> provided.
>
> Let me know if running the removal tool helps at all. Norton applications
> are notorious for not uninstalling cleanly, Phyllis. The "remainders"
> left
> behind can have an untold number of affects on performance, including
> connectivity.
>
> Phyllis, what's the make & model of your wireless router? Do you own it
> or
> do you lease it from your ISP there in Conway?
>
> Also tell me if the connectivity issues only seem to occur at specific
> times of the day (e.g., only in the early evening; from 5 PM till
> bedtime).
> --
> ~PA Bear
>
>
> Phyllis wrote:
>> My response from my last post: ("Don't remember date of SP3 install, was
>> right after it became available and I got update notification from
>> Automatic
>> Updates.") I believe you should know that SP3 became available before
>> July
>> 8, 2008. I really appreciate all the help, but can do without the
>> "attitude." I know this problem has been overwhelming to deal with and
>> you
>> are probably tired of incompetent people owning computers but none the
>> less
>> we all have them now.
>>
>> NO, it is not only after standby that it occurs. Also answered in last
>> post. (Usually when I FIRST open Internet Explorer I get this box that
>> says
>> "no internet connection available, do you want to work offline or retry."
>> When I click retry it connects right up. My wireless connection doesn't
>> connect at startup and if I do manage to get it connected it drops during
>> standby.) Does this response not answer the question about having the
>> problem only after standby or hibernation? I have my computer set to
>> never
>> hibernate.
>>
>> Outlook Express also exhibits the same problem.
>>
>> I cleaned my machine of all files/traces of Norton after I uninstalled
>> via
>> Add/Remove Programs, but will download/run the removal tool that you
>> provided. I will also install the updates. Thank you very much for your
>> help.
>>
>>
>> "PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
>> news:e3tHLOK5IHA.4908@TK2MSFTNGP04.phx.gbl...
>>> [Crossposting eliminated]
>>>
>>> Did you or did you not install WinXP SP3 on or after 08 July 2008?
>>>
>>> You explained your connection problems before. I need to know if you
>>> *only* have such problems after resuming the machine from Standby or
>>> Hibernate? If not, please say so.
>>>
>>> Do any of your other applications (e.g., Outlook Express) exhibit these
>>> connection problems or is it just IE7?
>>>
>>> =========================
>>>> ...I have also had Norton Internet Security during 2006 and 2007.
>>>
>>> 1. If anything named Norton or if LiveUpdate is listed in Add/Remove
>>> Programs, please uninstall it/them.
>>>
>>> 2. Now download/run this removal tool and reboot:
>>> http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039
>>>
>>> 3. Any improvement in the connectivity department?
>>> =========================
>>>
>>>> I did a system restore yesterday and told Automatic Updates to not show
>>>> me
>>>> KB951748 and KB951978 again.
>>>
>>> Please do NOT use System Restore to "undo" updates. Uninstall them via
>>> Add/Remove Programs instead.
>>>
>>> I would STRONGLY recommend that you get KB951748 and KB951978 installed
>>> again ASAP! You've proven that neither of them caused your problem, and
>>> KB951748 especially *is* a big deal! =>
>>> http://blog.washingtonpost.com/securityfix/2008/07/patch_the_entire_internet_tues_1.html
>>>
>>> And I can assure you that all responsible ISPs consider it a big deal,
>>> too, and are scrambling to make changes to protect against these
>>> vulnerabilities.
>>> --
>>> ~Robear Dyer (PA Bear)
>>> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
>>> AumHa VSOP & Admin http://aumha.net
>>> DTS-L http://dts-l.net/
>>>
>>>
>>> Phyllis wrote:
>>>> I am using microsoft.public.security in my Outlook Express to
>>>> view/reply.
>>>>
>>>> Problem started first part of the week after Windows Updates and AVG
>>>> update.
>>>>
>>>> Don't remember date of SP3 install, was right after it became available
>>>> and
>>>> I got update notification from Automatic Updates. Usually when I first
>>>> open
>>>> Internet Explorer I get this box that says "no internet connection
>>>> available, do you want to work offline or retry." When I click retry
>>>> it
>>>> connects right up. My wireless connection doesn't connect at startup
>>>> and
>>>> if
>>>> I do manage to get it connected it drops during standby.
>>>>
>>>> I use Windows Firewall, but have recently had Zone Alarms but didn't
>>>> like
>>>> some things about it and uninstalled via Add/Remove programs. I have
>>>> run
>>>> a
>>>> search and did not find any files associated with Zone Alarms on my
>>>> computer. I have also had Norton Internet Security during 2006 and
>>>> 2007.
>>>>
>>>> I did a system restore yesterday and told Automatic Updates to not show
>>>> me
>>>> KB951748 and KB951978 again. I did install the Malicious Software
>>>> Tool.
>>>> Problem remains. I am wondering if maybe my internet provider may have
>>>> been
>>>> messing with it trying to resolve this problem themselves. I believe
>>>> it
>>>> was
>>>> on Zone Alarms forum that I read where internet providers were having
>>>> to
>>>> make corrections to their servers too. Don't know if that is correct
>>>> or
>>>> not. I have read so much today, I can hardly remember my name at this
>>>> point. I have it all connected right now and has been working fine for
>>>> the
>>>> last couple of hours. Don't know what is going on.
>>>>
>>>> "PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
>>>> news:%23bqaawG5IHA.1196@TK2MSFTNGP05.phx.gbl...
>>>>>> I have been experiencing problems with my internet
>>>>>> connection all week.
>>>>>
>>>>> "All week" meaning since you installed KB951748, KB951978, and the
>>>>> Malicious Software Removal Tool on or shortly after 08 July 2008?
>>>>>
>>>>> When did you install WinXP SP3? Was AVG running in the background
>>>>> when
>>>>> you installed SP3? Do you only experience such issues after resuming
>>>>> from
>>>>> Standby or Hibernation?
>>>>>
>>>>> You've told us that ZoneAlarm isn't installed. Is another third-party
>>>>> firewall installed or are you using the Windows Firewall?
>>>>>
>>>>> Has a Norton or McAfee application ever been installed on the machine?
>>>>>
>>>>> Lastly, if you uninstall "Security Update for Windows XP (KB951748)"
>>>>> via
>>>>> Add/Remove Programs & reboot, does the behavior persist?
>>>>>
>>>>> PS: Please tell me which newsgroup you're using to view and reply to
>>>>> this
>>>>> thread. I'd prefer that we discontinue the unnecessary crossposting.
>>>>>
>>>>> Phyllis wrote:
>>>>>> Microsoft Windows Updates this week were KB951748 (Security Update
>>>>>> for
>>>>>> XP),
>>>>>> KB951978 (Update for Windows XP), KB890830 (Windows Malicious
>>>>>> Software
>>>>>> Removal Tool). I have been experiencing problems with my internet
>>>>>> connection all week. Sometimes I can't get it to connect at all, or
>>>>>> a
>>>>>> window will come up and say "there is no internet connection
>>>>>> available,
>>>>>> do I
>>>>>> want to work offline or retry." If I click retry it will connect
>>>>>> right
>>>>>> up.
>>>>>> Then at other times it will connect to the cable connection with no
>>>>>> problem,
>>>>>> but then my wireless connection will not connect, it doesn't even
>>>>>> show
>>>>>> a
>>>>>> network available. After fooling with it (disable, re-enable,
>>>>>> repair)
>>>>>> it
>>>>>> will just finally connect up.
>>>>>>
>>>>>> I had already upgraded to AVG 8.0 several weeks ago. The update this
>>>>>> week
>>>>>> was just a part of daily updates, but required restart of my computer
>>>>>> which
>>>>>> it never did before. It says 8.0.138.
>>>>>>
>>>>>>> What other *Windows* updates did you install this week? Exactly
>>>>>>> what
>>>>>>> problems are you experiencing since installing the July 2008
>>>>>>> updates?
>>>>>>>
>>>>>>> Did you upgrade from AVG v7.5 to v8.0, and are you now running
>>>>>>> v8.1.135?
>>>>>>> --
>>>>>>> Phyllis wrote:
>>>>>>>> Sorry about posting in the wrong place, but I was mainly commenting
>>>>>>>> on
>>>>>>>> the
>>>>>>>> fact that there were others with what seemed like the same problem
>>>>>>>> that
>>>>>>>> did
>>>>>>>> not have ZA.
>>>>>>>>
>>>>>>>> XP SP3, IE 7, and my AVG did an update this week that required
>>>>>>>> restart
>>>>>>>> of
>>>>>>>> my
>>>>>>>> computer which has never happened before, so it is possible they
>>>>>>>> made
>>>>>>>> some
>>>>>>>> changes as well. Has anyone complained about that freebie screwing
>>>>>>>> things
>>>>>>>> up? Seems like everything I have on my computer has been wanting
>>>>>>>> to
>>>>>>>> update
>>>>>>>> today and I'm getting a little gun shy. Thanks
>>>>>>>>
>>>>>>>>> No, sorry. It's been a very long week...
>>>>>>>>>
>>>>>>>>> Then again, you did post in a thread about ZoneAlarm and KB951748
>>>>>>>>> instead
>>>>>>>>> of beginning your own thread.
>>>>>>>>>
>>>>>>>>> What's your Windows version (e.g., WinXP SP3) and IE version,
>>>>>>>>> Phyllis?
>>>>>>>>> What other updates did you install this week besides KB951748?
>>>>>>>>> --
>>>>>>>>> Phyllis wrote:
>>>>>>>>>> So this fix works even if you are not running Zone Alarms?
>>>>>>>>>>
>>>>>>>>>>> ZA's had the fix for several days now:
>>>>>>> <snip>
>

 

[Kayman]

Re: FIX for ZoneAlarm & KB951748 issue released

On Mon, 21 Jul 2008 09:22:07 -0700, Paul (Bornival) wrote:

> "Kayman" wrote:
>
>>> Where can we find the technical details of the incompatibility. I have been
>>> looking hard but have not found anything relevant so far (or so vague you
>>> can't understand what is going on).
>>
>> Informative reading:
>>
>> Dan Kaminsky Discovers Fundamental Issue In DNS: ...
>
> Thank you. But I have actually read all those documents. What I was
> interested in was to understand the technical (ral) reason for the
> incompatibility of ZA with KB951748.

Don't know (can't locate) any technical reasons re incompatiblity. My guess
is that ZA just did not realize the impact KB951748 would have to their
software. For the ZA users, this actually would be an interesting question
to ask in their forum.