Hmm ZA has yet another major flaw in it. [Archive] - SpeedGuide.net Broadband Community
PDA

View Full Version : Hmm ZA has yet another major flaw in it.

Protester
01-18-01, 02:06 PM
http://www.diamondcs.com.au/alerts/zonedown.txt A trojan just has to run this .bat file and down it goes.
Scoot
01-18-01, 02:46 PM
<font face="Verdana, Arial" size="2">Originally posted by Protester:
http://www.diamondcs.com.au/alerts/zonedown.txt A trojan just has to run this .bat file and down it goes.</font>

This issue has been discussed previously.
Since you are security minded may I suggest you get the patch for the vulnerability and send a complaint letter to Zonelabs.
Both can be accomplished here (http://www.blazertech.com/zonealarm/index.asp).



------------------
Quest for Knowledge
http://w1.511.telia.com/~u51102888/anims/computer/hackanm.gif
Protester
01-18-01, 03:19 PM
Um this is a new one not the mutex one.
This new one is an batch file that will uninstall ZA from your systems completely whereas the mutex one prevents ZA from loading at boot. 2 very different problems and there is no patch for this new one, only the mutex one.

Mutex announcement: http://www.diamondcs.com.au/alerts/zonemutx.txt

Uninstaller announcement: http://www.diamondcs.com.au/alerts/zonedown.txt

Thanks for the link anyway since I signed the complaint letter and promptly uninstalled ZA. I have been thinking about going Hardware anyway.


[This message has been edited by Protester (edited 01-18-2001).]
Juggernaut
01-18-01, 03:50 PM
I admit there are a few flaws in ZoneAlarm but what can u expect from a software firewall. All software firewalls can (and possibly will) be affected one way or another if the person is unknowingly executes something they don't know about. A firewall can only do so much for a person if they take no regard in what the install or run on their computer.
Scoot
01-18-01, 10:53 PM
Ok,I am sorry,let me correct myself.
Both vulnerabilities were released on the same day http://www.speedguide.net/ubb/wink.gif
Check the dates on your link pages http://www.speedguide.net/ubb/wink.gif
Still a good heads up to keep people aware of the shortcomings of software firewalls!!
Your idea of a router is sounding better all the time http://www.speedguide.net/ubb/biggrin.gif

------------------
Quest for Knowledge
http://w1.511.telia.com/~u51102888/anims/computer/hackanm.gif
wYcKeD oNe
01-24-01, 01:29 PM
Considering that ZA is free (the personal version) you can't really complain too much about it. Plus, it is software. If you can write it, someone else can crack it / hack it/ write a virus for it.

------------------
Team wĄcKeD. wĄcKeD to the core.