[Dshield] Problem with MS Updates?

Robert Nelson nelsrob at mts.net
Wed Jul 9 22:42:19 GMT 2008

After setting it to "Medium," Ferg, just modify the "Medium" settings to block all that other stuff that "High" normally blocks.

There's a few folks waiting for CheckPoint/ZA to fix their little firewall toy... I'm glad I have a wired router to hide behind,
too! And yes, I changed the default password. ;)


-----Original Message-----
From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org] On Behalf Of Paul Ferguson
Sent: July 9, 2008 1:36 AM
To: list at lists.dshield.org
Subject: Re: [Dshield] Problem with MS Updates?

Hash: SHA1

In the spirit of "eat your own dog food" and "FYI self-adherence", I am happy to report that I managed to successfully install all
of today's MS security updates without incident after lowering my ZoneAlarm firewall to "Medium" as opposed to "High".

What I am unhappy about is that I had to set it to "Medium".

I await a fix from CheckPoint/ZoneAlarm.

Just an FYI.


- - ferg

- -- "Paul Ferguson" <fergdawg at netzero.net> wrote:

It has been brought to my attention that this is an apparent conflict between ZoneAlarm and MS update KB951748:


Apparently, resetting Internet Zone Security from High to Medium is a



- - ferg

- -- "Paul Ferguson" <fergdawg at netzero.net> wrote:


I just had to System Restore a few machines (including my laptop) after updating with today's monthly Microsoft security patches.

All systems were XP SP2 -- and I have also expressly not selected the SP3 upgrade.

After rebooting, the Windows TCP/IP API seems to become completely broken, e.g. network applications (browser, NTP client, etc.)
cannot reach their desired destinations (error: host not found), however, when you open a DOS Shell, you can successfully resolve
DNS queries, ping target hosts, traceroute, etc.

Very bizarre and very frustrating. I spent ~2 hours futzing with this issue.

I have seen no mention of this elsewhere yet, but basically if you do not System Restore, you're functionally dead in the water.

I plan to make some inquires elsewhere, but for now, I would highly recommend waiting to apply the monthly Microsoft Black Tuesday
updates until things are more clear.

Has anyone else run into any problems?


- - ferg

Version: PGP Desktop 9.6.3 (Build 3017)


"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet  fergdawg(at)netzero.net  ferg's tech blog: http://fergdawg.blogspot.com/

SANSFIRE !! The Internet Storm Center Conference http://www.sans.org/sansfire08/

More information about the list mailing list