Zone Alarm Alert...

[Guest Paracelsus]

In this Friday's TechWeb Today: Zone Alarm AlertDeals with a potential for Buffer Overflow attack(My apologies if this is old news)

[henderrob]

Zone Alarm, on my system, notified of an update so I downloaded it and installed. This was yesterday so I hope it takes care of this potential problem.

[nlinecomputers]

ZoneAlarm users were urged to update their software to version 4.5.538.001, while Integrity Client 4.0 and 4.5 users should upgrade to versions 4.0.146.046 and 4.5.085, respectively. More details on the vulnerability and upgrade instructions can be found on the Zone Labs Web site.

I'd say it does. 4.5.538.001 is the version number I downloaded.

[Guest LilBambi]

Yep, that's the one

[epp_b]

According to the ZoneLabs Security Alert, the target machine has to be running an SMTP server.No server here, no updates needed :)That, and it has to request Internet access from ZA before it can attack it ("Can I destroy your computer please?" ) and I have my ZA program control settings to the highest available option.This sounds like an update for users who wouldn't have the computer knowledge to recognize a unfamiliar program to Windows that they did not install.

[Guest LilBambi]

Or those who might be running insecure email clients, not locked down or able to execute code, or using the preview pane, or mistakenly open something they shouldn't that might contain certain types of worms that use their own SMTP servers.They forgot to mention that!

[Guest Paracelsus]

Zone Alarm, on my system, notified of an update so I downloaded it and installed.  This was yesterday so I hope it takes care of this potential problem.

DANG!!!...This is what ticks me off I have my options set for "Automatically Check for Updates", but this is the SECOND time I haven't received notice All permissions are set to allow for Internet access... As well as e-mail notifications.I have full time DSL with no restrictions and I only now reboot my system once a week.Evidently, I either have some setting mis-configured, or Symantic doesn't like me anymore :'( :'(

[epp_b]

Or those who might be running insecure email clients, not locked down or able to execute code, or using the preview pane, or mistakenly open something they shouldn't that might contain certain types of worms that use their own SMTP servers.

Ah, I love Eudora

[Ed_P]

either have some setting mis-configured, or Symantic doesn't like me anymore

I would suspect an email filter. Definitely not Symantic, they don't own ZoneLabs, yet.

[epp_b]

either have some setting mis-configured, or Symantic doesn't like me anymore

I would suspect an email filter. Definitely not Symantic, they don't own ZoneLabs, yet. :'(

I believe "yet" is the keyword

[Guest Paracelsus]

either have some setting mis-configured, or Symantic doesn't like me anymore

I would suspect an email filter. Definitely not Symantic, they don't own ZoneLabs, yet.

What can I tell ya...A long Fri - day No one seems to like me this week.Symantic... ZAP... Verizon... My Boss!!...They're all out to give me a Swizzle Stick up the Yazoo :'( :'(

[Guest LilBambi]

Maybe they just didn't get to you yet ... Most of the folks that I talked to have been shown the upgrade box, but not all as yet. Others came a bit later. Maybe they are on some sort of rotation so as not to bog things down??I don't know ... but you aren't alone.

[Stryder]

The sad part is my subscription ran out on February 09. They will not update my version to the secure version without me buying another whole years service. I think it is sad they will not fix the bugs in their existing software without having to pay. I was holding off on renewing ZA because I was doing some research on a few different firewalls in case I found somethng I liked better than ZA. ZoneLabs decision to not secure what I have already purchased has helped me narrow down my choices...... and ZA is not one of them.

[Guest Paracelsus]

Didn't know about that, Stryder.Thanks for the insight into ZA's policy in this area.In consideration that this would seem to be more of a "Patch", than anything else...It does seem reprehensible that the Fix is not available to all current owners.I may also have second thoughts when my first year with ZA is up this August.PS - I'll be interested in knowing what you decide to go with!

[Ed_P]

I don't have the problem with the free version of ZA

[epp_b]

Same here. ZA free combined with a hardware firewall offers very acceptable security.

[nlinecomputers]

The sad part is my subscription ran out on February 09. They will not update my version to the secure version without me buying another whole years service. I think it is sad they will not fix the bugs in their existing software without having to pay. I was holding off on renewing ZA because I was doing some research on a few different firewalls in case I found somethng I liked better than ZA. ZoneLabs decision to not secure what I have already purchased has helped me narrow down my choices...... and ZA is not one of them.

On the one hand I can understand your point but why MUST a software provider provide lifetime support for a product? In the security realm threats are constantly changing. New unplaned threats arrive everyday. Isn't a bit unrealistic to expect a security company to provide protection against NEW threats FOREVER based on the ONETIME payment of $50 bucks? Simply put your not paying for software your paying for a service. To protect your computer against all incoming threats for one year. And they are upfront about it, else why call it a SUBSCRIPTION. If you only want $50 worth of protection for life you deserve the quality of protection that you are going to pay for.

[Stryder]

This is not a an ancient product I have. It is a product ( ZA 4.0 ) that is less than a year old with a major security hole in it that they will not fix.

Isn't a bit unrealistic to expect a security company to provide protection against NEW threats FOREVER based on the ONETIME payment of $50 bucks?

This is not a "New threat", this is a programming flaw in their software that has been there from the the time they originally released it. I am not asking for an update, I am asking them to fix the problems with the product they sold me.

[nlinecomputers]

This is not a an ancient product I have. It is a product ( ZA 4.0 ) that is less than a year old with a major security hole in it that they will not fix.

Your subscription expired on Feb 9th. So that means that you got a free upgrade to 4.0 because 4.0 wasn't out last year at that time AND you want coverage for at least a year from the launch point of the product? Most software vendors would have made you purchase a new copy when the version number changed. I can buy Norton Anti-virus 2004 and buy a AV subscription in a year but that subscription doesn't entitle me to automatically get a copy of NAV 2005 when it comes out. ZA gives you full version upgrades in exchange for one year support. If they goto 5 or even 6 in a single year you'll get that copy. FREE Seems like a fair trade off to me. You always get the latest copy, no forced upgrades, but you have to pay for support ANY support.

This is not a "New threat", this is a programming flaw in their software that has been there from the time they originally released it. I am not asking for an update, I am asking them to fix the problems with the product they sold me.

I don't know isn't every security flaw traceable back to some overlooked problem? And I do call it a NEW threat unless you can show me some evidence that the threat was being exploited before now or that ZA was hiding the threat until they fixed it. (Possible as eEye will work with vendors to hold off announcements until a fix is available.)

[Stryder]

Whatever dude.........not here to argue just for arguments sake........ go get your fix somewhere else.And yes it was eEye that found the exploit. A buffer over flow problem if you can believe that!!!!

[nlinecomputers]

Nah, Not here to start a fight. We both made our points. Agree to disagree and move on. :-)It is funny that it is a buffer overflow. I'm not a C programmer but I have done some of it and it is REAL easy to do that. You've got to manually check out all that in order to find them. Most of this stuff is programmed in C so it's easy to do it by mistake.