Results 1 to 4 of 4

Thread: MS Patch issue w/ ZA 7 (repost from below)

  1. #1
    cglrcng Guest

    Default MS Patch issue w/ ZA 7 (repost from below)

    We need to keep it all in a single thread or there will be no good info provided from which to work on the problem: This is an issue caused by a recently released
    MS fix, not by CheckPoint or ZA 7. It just started happening due to the patch released yesterday. There are options, though none seem good so far. Give them time to look into the problem please. ZA has been there for years for us...we want them to continue to be please.
    I posted the following earlier below: (in the interest of offering options though I am but a user, puters are my business too)._____________________________________________ __________________________________________________ ______________It could be just ZA 7.0.470.000, but be forewarned about the un-install of just the 1 update (MS Update patch KB951748), of the 3 installed patches...According to an MS Security Bulletin...PATCHES
    MUST BE REMOVED IN ORDER of installation or it can cause the OS to quit responding or not boot properly. According to an MS security bulletin I just read, uninstalling the patches in an improper order is not supported.
    I ran into the issue during an OS cleaup on a customers laptop yesterday by accident....Connection to the internet before installing the latest 3 patches, then instantly upon restart no connection even though it showed connected at the icon, I
    could get no browser connection. (What I did in that case is re-install ZA 7, then still no browser connection, uninstalled ZA 7, restart then re-install again, still no connection.
    While I am a very longtime fan of ZA (every puter I have ever owned / or worked on has ZA installed, either Free or Pro...and thats thousands upon thousands of puters, so my phone will start ringing very soon I need as much info as possible very soon please Check Point).
    What I did in that particular case yesterday since the customer lives only 3 doors away, was to uninstall ZA and simply turn on the Win XP firewall until I knew for sure what was up, as I had figured it had something to do w/ patch tuesday and the latest MS patches applied. (This isn't the first time that MS patches have done this over the years).
    In the interest of helping CheckPoint and others w/ ZA 7 installed w/ more info....
    I just removed the offending patch from 2 systems I own myself (of course both had lost connection of the browser, but showed connected via the icon), my working machine and my Son's puter, both warned me that another patch (MS Patch KB951978 which is listed right below KB 951748 in both XP Pro Add/Remove Programs listings), "may not work after uninstalling MS Patch KB951748".
    Though both of these systems rebooted properly and seem to show no problems yet (and connection through the ZA 7 was re-established on both just fine), there could be a future problem arise. I also ran QFECheck.exe downloadable from MS and it showed no problems w/ any applied patches as of yet.
    So in the interest of OS safety I suggest personally the following if you have ZA 7 installed...If you have not yet applied the MS patches released yesterday (Patch Tuesday, July 8, 2008), don't do so until CheckPoint gets to the bottom of the problem and finds a fix, or apply everything except MS Patch KB951748, or uninstall all 3 patches in the reverse order that they were actually applied using the Option at MS Windows Update/Microsoft Update listed in "Options" (Review your update history)...mine both show the following order of installation...Last installed was KB951978 then before that KB890830, then before that KB951748...the offending patch it fully appears
    , then re-install everything except MS Patch KB951748.
    I followed Check Point's recommendation before I read MS's warning about the MS bulliten about the "order of removal of patches" warning.
    Or better yet....maybe do what I did and simply uninstall the ZA 7 and turn on the MS Windows firewall until a fix is determined. (No, I don't like that option much either)...But just be careful what you do as MS does not support the removal in the wrong order of patches (as applied, or uninstalled), or the problems it may cause, and they do know it can/does cause issues.
    Their order in the KB article listed like this: (proper removal of an applied MS patch). I am trying to find the page link again right now.
    Patch 1 appliedPatch 2 appliedPatch 2 un-installedPatch 1 un-installed
    Good Luck!

    Operating System:
    Windows XP Pro
    Software Version:
    Product Name:
    ZoneAlarm (Free)

    Message Edited by cglrcng on 07-09-2008 12:01 PM

  2. #2
    lizhedges Guest

    Default Re: MS Patch issue w/ ZA 7 (repost from below)

    I discovered I could not access the internet today after the automatic update of last night. After spending some time trying to work out what was wrong I disabled Zone Alarm and visited this forum. I uninstalled the update and
    everything is
    now working fine.
    Many thanks for the info.
    Do I need the update and how will I know when it is safe to download it.

  3. #3
    cglrcng Guest

    Default Re: MS Patch issue w/ ZA 7 (repost from below)

    This is much bigger than it first appears...Read this first, then think DNS patch released yesterday. We may just have to rely on the Windows firewall for a while...DNS addresing problems are much higher in elevation than a non-working ZA 7 (now that the problem is out in the open and written about the coders will be working overtime).
    I'm going to reinstall the patch, as an un-patched system shows that it is vulnerable while a patched system shows not vulnerable. The rabbithole gets deeper...and deeper as the white hats repair breaks our salvation (ZA), the black hats get a fix and the instructions at the same time. It certainly isn't CheckPoint's fault...I just hope they can fix ZA 7 soon. Test your system here.
    Good Luck To Us All!

  4. #4
    cglrcng Guest

    Default Re: MS Patch issue w/ ZA 7 (repost from below)

    Here is more...looks like tooting their horn much too quickly on the fixes. From what I saw at CERT earlier in the process of researching "all CheckPoint Software wasn't subject to the vulnerability before"...but did the fix "break what wasn't broke before" in the process? The internet is more important than each individual puter to say the very least. I don't think this one will be such an easy one for Check Point to solve, but they should have tested a ZA 7 firewall loaded puter at least once in the process, ya think?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts