Microsoft's DNS update conflicts with ZoneAlarm firewall
Check Point Software Technologies, the maker of popular firewall ZoneAlarm, reported that many firewall users were completely cut off from the Internet after installing the latest patch in Microsoft Update. This patch closes the hole associated with the most serious vulnerability in the DNS protocol , which became known two days ago.
Vulnerability in the DNS protocol was so serious that it raised to the ears of all security professionals related to Internet technologies. If you do not urgently patch the DNS servers on the Internet (and they are still not patched), then a hypothetical attacker, by changing DNS tables, can easily redirect the request to any server to any other server (for example, all user mail can be redirected to the attacker’s website). , and from there to the addressee), and completely imperceptible to the user. True, over the past couple of days, the attackers have not yet had time to react but discover a new hole (they are probably working on it right now).
Microsoft promptly released update KB951748 ( MS08-037 ) for Windows 2000, XP and Server 2003 operating systems, which introduces changes to the Windows Domain Name System (DNS). However, if ZoneAlarm users of the firewall, who have a “high” security level in the settings, install this patch, then they will completely lose the ability to connect to the Internet. Until the problem is solved, Check Point recommends that users remove this patch from the system, download the new version of the firewall, or reduce the security level in the firewall to “medium”.
Vulnerability in the DNS protocol was so serious that it raised to the ears of all security professionals related to Internet technologies. If you do not urgently patch the DNS servers on the Internet (and they are still not patched), then a hypothetical attacker, by changing DNS tables, can easily redirect the request to any server to any other server (for example, all user mail can be redirected to the attacker’s website). , and from there to the addressee), and completely imperceptible to the user. True, over the past couple of days, the attackers have not yet had time to react but discover a new hole (they are probably working on it right now).
Microsoft promptly released update KB951748 ( MS08-037 ) for Windows 2000, XP and Server 2003 operating systems, which introduces changes to the Windows Domain Name System (DNS). However, if ZoneAlarm users of the firewall, who have a “high” security level in the settings, install this patch, then they will completely lose the ability to connect to the Internet. Until the problem is solved, Check Point recommends that users remove this patch from the system, download the new version of the firewall, or reduce the security level in the firewall to “medium”.
')
Source: https://habr.com/ru/post/28842/
All Articles