Microsoft Security Update Goes Badly

Dennis Faas's picture

Users of some firewall software, including the popular Zone Alarm, have found Microsoft's latest security update works a little too well: it effectively blocks their Internet access completely.

The offending update fixes a pretty serious flaw in Windows which would have allowed hackers to redirect network traffic. However, it's proved incompatible with the entire ZoneAlarm series of software, leaving its users unable to access websites, instant messaging, email or any other Internet services. (Source:

ZoneAlarm has published three possible solutions. The first is to simply uninstall the update; you can do this by going into the Control Panel and choosing Add or Remove Programs. You'll then need to check the box marked 'Show updates' and then remove the update KB951748.

This is ZoneAlarm's recommended choice, but it has a couple of drawbacks. First, unless you already manually configure which updates get installed on your machine, you'll probably find Microsoft is quite stubborn about trying to reinstall it.

Second, right now is the most important time to be protected against the Windows flaw because hackers will be looking through the technical details of update and more of them will figure out how to exploit it on unprotected machines (this pattern is known as a Zero Day attack).

The simplest option is to go into the Zone Alarm firewall and set the Internet Zone slider to 'medium'. This isn't ideal as it does reduce your security.

The safest option is also the most complex. It involves going into the 'Zones' tab of the Firewall panel, then clicking Add, IP address and Trusted in that order. You'll then need to add your IP addresses.

If you don't know your IP addresses, click Start and Run, then type in cmd.exe. This will bring up the command prompt, from which you can type "ipconfig /all". You'll then find the IP addresses listed under DNS Server(s).

Some sites are recommending resetting the ZoneAlarm database completely, but this is likely an overreaction. (Source:

Rate this article: 
No votes yet