An update report from a Diary contributor says: "The affected version of ZoneAlarm was 5.5.094.000. The newer fixed version of ZoneAlarm is 5.5.094.000 (hey it looks the same!) Why they couldn't just use that fourth numbering component and change .000 to .001 is a mystery. If you download the file, right-click on it and look at the properties, the broken version of ZoneAlarm Pro will be file version '126.96.36.199' and has the description 'ZoneAlarm Pro-1025-English'. The newer version will have a description of 'ZoneAlaram Pro-1043-English'. For the freeware ZoneAlarm, the newest update available to download has a description of 'ZoneAlarm-1013-English'. I don't know what the description value was for the affected version."
Thanks for the contribution!
Earlier Diary Entries
ZoneAlarm ( A Check Point Company) users were lighting up ZoneLABS user forums yesterday with reports of the firewall shutting down. ZoneLABS issued an advisory .
"Vulnerable" MS OS and application list
See "Microsoft June Advance Notification Unspecified Security Vulnerabilities"
The MSSRC Blog says MS will release "7 bulletins affecting Windows. The maximum severity rating for these security updates is Critical and some will require a restart.
1 bulletin affecting Windows and Microsoft Services for UNIX. The, maximum severity rating for this is Moderate and may require a restart.
1 bulletin affecting Microsoft Exchange. The maximum severity rating for this security update is Important and it will not require a restart.
1 bulletin affecting Microsoft Internet Security and Acceleration (ISA) Server and Small Business Server. The maximum severity rating for these security updates is Moderate and may require a restart."
And Juha-Matti adds another pointer to what's coming with a pointer to:
CAN-2005-1907 (under review)
"The ISA Firewall service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (Wspsrv.exe crash) via a large amount of SecureNAT network traffic."
The Co$t of Security
Over at TheRegister, in the article "Symantec ask court to rule Hotbar.com as adware", it says "In other spyware-related news, Dell said that better customer awareness and sales of security software subscriptions had halved the number of support calls it was receiving about spyware-related problems over the last year."
Cisco - Cisco 802.1x Voice-Enabled Interfaces Allow Anonymous Voice VLAN Access
Cisco has released a Cisco Security Notice in response to an advisory released by FishNet Security on June 8, 2005 entitled "Cisco 802.1x Voice-Enabled Interfaces Allow Anonymous Voice VLAN Access"
I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS Gulf Region 2020
Jun 10th 2005
Jun 10th 2005
1 decade ago