Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Bypassing ZoneAlarm (limited)
From: Te Smith <tsmith () zonelabs com>
Date: 1 Jul 2003 01:39:32 -0000

In-Reply-To: <20030623061246.7134.qmail () www securityfocus com>

The posting describes test results using older versions of Zone Labs’ 
ZoneAlarm and also erroneously attributes the problem to a flawed core 
design.  

Zone Labs’ Advanced Program Control feature protects PCs from the 
ShellExecute theoretical exploit.  This feature is available in all Zone 
Labs’ advanced consumer security products, as well as Zone Labs’ 
enterprise security product, Integrity.  Advanced Program Control protects 
against this theoretical exploit and others which attempt to bypass the 
firewall’s trusted application permissions.  

Zone Labs recommends that users run Program Control at the 
default ‘medium’ setting for about a week so that the software 
will ‘learn’ each program that is used for Internet access.  After a week, 
configure Program Control at the high setting.  At that point, users will 
only be prompted with an Alert if there is a problem.  As a result, users 
get full protection against the ShellExecute theoretical exploit.  Zone 
Labs is always working on improving these and other features to make them 
easy-to-use and intuitive for all users, no matter their skill level.

Zone Labs first introduced the Advanced Program Control feature in 
November, 2002 with the release of ZoneAlarm Pro 3.5.  Zone Labs added 
this feature to Integrity at the same time and then added it to ZoneAlarm 
Plus in February, 2003.    Zone Labs recommends that all users keep their 
security products up-to-date at all times.   

We have continually hardened security in our free ZoneAlarm, as we do with 
all our releases, but we do not include all advanced features in this 
basic product.

More information can be found through our technical support FAQs. 

Te Smith
Sr. Director, Corporate Communications
Zone Labs
tsmith () zonelabs com






  By Date           By Thread  

Current thread:
  • Re: Bypassing ZoneAlarm (limited) Te Smith (Jul 01)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault