Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: ZoneAlarm shutdown problem update, MS Black Tuesday

SANS Site Network

Current Site

SANS Internet Storm Center

Other SANS Sites Help

Graduate Degree Programs

Security Training

Security Certification

Security Awareness Training

Penetration Testing

Industrial Control Systems

Cyber Defense Foundations

DFIR

Software Security

Government OnSite Training

SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Log In or Sign Up for Free!

ZoneAlarm shutdown problem update, MS Black Tuesday
ZoneAlarm Update An update report from a Diary contributor says: "The affected version of ZoneAlarm was 5.5.094.000. The newer fixed version of ZoneAlarm is 5.5.094.000 (hey it looks the same!) Why they couldn't just use that fourth numbering component and change .000 to .001 is a mystery. If you download the file, right-click on it and look at the properties, the broken version of ZoneAlarm Pro will be file version '5.5.94.0' and has the description 'ZoneAlarm Pro-1025-English'. The newer version will have a description of 'ZoneAlaram Pro-1043-English'. For the freeware ZoneAlarm, the newest update available to download has a description of 'ZoneAlarm-1013-English'. I don't know what the description value was for the affected version." Thanks for the contribution! Earlier Diary Entries ZoneAlarm Problems ZoneAlarm ( A Check Point Company) users were lighting up ZoneLABS user forums yesterday with reports of the firewall shutting down. ZoneLABS issued an advisory . "Vulnerable" MS OS and application list See "Microsoft June Advance Notification Unspecified Security Vulnerabilities" http://www.securityfocus.com/bid/13923/info The MSSRC Blog says MS will release "7 bulletins affecting Windows. The maximum severity rating for these security updates is Critical and some will require a restart. 1 bulletin affecting Windows and Microsoft Services for UNIX. The, maximum severity rating for this is Moderate and may require a restart. 1 bulletin affecting Microsoft Exchange. The maximum severity rating for this security update is Important and it will not require a restart. 1 bulletin affecting Microsoft Internet Security and Acceleration (ISA) Server and Small Business Server. The maximum severity rating for these security updates is Moderate and may require a restart." And Juha-Matti adds another pointer to what's coming with a pointer to: CAN-2005-1907 (under review) "The ISA Firewall service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (Wspsrv.exe crash) via a large amount of SecureNAT network traffic." http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1907 Thanks Juha-Matti! The Co$t of Security Over at TheRegister, in the article "Symantec ask court to rule Hotbar.com as adware", it says "In other spyware-related news, Dell said that better customer awareness and sales of security software subscriptions had halved the number of support calls it was receiving about spyware-related problems over the last year." http://www.theregister.com/2005/06/09/symantec_hotbar_lawsuit/ Cisco - Cisco 802.1x Voice-Enabled Interfaces Allow Anonymous Voice VLAN Access Cisco has released a Cisco Security Notice in response to an advisory released by FishNet Security on June 8, 2005 entitled "Cisco 802.1x Voice-Enabled Interfaces Allow Anonymous Voice VLAN Access" http://www.uniras.gov.uk/niscc/docs/br-20050609-00475.html?lang=en I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS Cyber Defence Japan 2021	Jim 419 Posts ISC Handler Jun 10th 2005
Thread locked Subscribe	Jun 10th 2005 1 decade ago

Sign Up for Free or Log In to start participating in the conversation!