[Dshield] Problem with MS Updates?
Robert Nelson
nelsrob at mts.net
Wed Jul 9 22:42:19 GMT 2008
After setting it to "Medium," Ferg, just modify the "Medium" settings to block all that other stuff that "High" normally blocks.
There's a few folks waiting for CheckPoint/ZA to fix their little firewall toy... I'm glad I have a wired router to hide behind,
too! And yes, I changed the default password. ;)
Robert
-----Original Message-----
From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org] On Behalf Of Paul Ferguson
Sent: July 9, 2008 1:36 AM
To: list at lists.dshield.org
Subject: Re: [Dshield] Problem with MS Updates?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In the spirit of "eat your own dog food" and "FYI self-adherence", I am happy to report that I managed to successfully install all
of today's MS security updates without incident after lowering my ZoneAlarm firewall to "Medium" as opposed to "High".
What I am unhappy about is that I had to set it to "Medium".
I await a fix from CheckPoint/ZoneAlarm.
Just an FYI.
Thanks,
- - ferg
- -- "Paul Ferguson" <fergdawg at netzero.net> wrote:
It has been brought to my attention that this is an apparent conflict between ZoneAlarm and MS update KB951748:
http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52
785
Apparently, resetting Internet Zone Security from High to Medium is a
workaround:
http://forum.zonelabs.org/zonelabs/board/message?board.id=cfg&message.id=52
733
FYI,
- - ferg
- -- "Paul Ferguson" <fergdawg at netzero.net> wrote:
Heads-up:
I just had to System Restore a few machines (including my laptop) after updating with today's monthly Microsoft security patches.
All systems were XP SP2 -- and I have also expressly not selected the SP3 upgrade.
After rebooting, the Windows TCP/IP API seems to become completely broken, e.g. network applications (browser, NTP client, etc.)
cannot reach their desired destinations (error: host not found), however, when you open a DOS Shell, you can successfully resolve
DNS queries, ping target hosts, traceroute, etc.
Very bizarre and very frustrating. I spent ~2 hours futzing with this issue.
I have seen no mention of this elsewhere yet, but basically if you do not System Restore, you're functionally dead in the water.
I plan to make some inquires elsewhere, but for now, I would highly recommend waiting to apply the monthly Microsoft Black Tuesday
updates until things are more clear.
Has anyone else run into any problems?
FYI,
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)
wj8DBQFIdFwPq1pz9mNUZTMRAit9AKDpDggq0a40QsY9BXoqIUwQbAnz/ACfQpzV
H2bsKkS8sPKKCDR+fD+SQl8=
=tMqF
-----END PGP SIGNATURE-----
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
_________________________________________
SANSFIRE !! The Internet Storm Center Conference http://www.sans.org/sansfire08/
More information about the list
mailing list