-- Zone Labs Warns of Flaw in Multiple Products
(30/29 September 2005)
Zone Labs has issued a security advisory warning of a
vulnerability
in the ZoneAlarm firewall that could be exploited by
malicious code
to trick the firewall into allowing it to connect to
the Internet.
The flaw affects the free ZoneAlarm firewall, default
installations
of versions 5.5 and earlier of the paid firewall as
are default
installations of the Check Point Integrity Client;
paid ZoneAlarm
products 6.0, which were released in July, do not
have this
vulnerability. Zone Labs does not plan to fix the
vulnerability in
its free product as it considers the flaw "low risk";
the paid
products are protected because of their additional
technology.
http://news.com.com/2102-1002_3-5886488.html?tag=st.util.printhttp://download.zonelabs.com/bin/free/securityAlert/35.html
[Editor's Note (Honan): I hope the reasons for not
patching the
free version of Zone Alarm is because the
vulnerability is a "low
risk" and not a ploy to force people to purchase the
professional
version of the software. Many ordinary non-IT users
protect their
machines using the Zonealarm's free product and these
users are the
very ones often targeted for attacks. This "low risk"
vulnerability
could prove not to be the case.]
__________________________________
Yahoo! Music Unlimited
Access over 1 million songs. Try it free.
http://music.yahoo.com/unlimited/
_______________________________________________
See: http://www.mscomputer.com for "Self Supporting Towers", "Wireless Weather
Stations", and lot's more. Call Toll Free, 1-800-333-9041 with any questions
and ask for Sherman, W2FLA.
_______________________________________________
TowerTalk mailing list
TowerTalk@contesting.com
http://lists.contesting.com/mailman/listinfo/towertalk
|