mailing list archives
Re: Bypassing ZoneAlarm (limited)
From: Te Smith <tsmith () zonelabs com>
Date: 1 Jul 2003 01:39:32 -0000
In-Reply-To: <20030623061246.7134.qmail () www securityfocus com>
The posting describes test results using older versions of Zone Labs
ZoneAlarm and also erroneously attributes the problem to a flawed core
Zone Labs Advanced Program Control feature protects PCs from the
ShellExecute theoretical exploit. This feature is available in all Zone
Labs advanced consumer security products, as well as Zone Labs
enterprise security product, Integrity. Advanced Program Control protects
against this theoretical exploit and others which attempt to bypass the
firewalls trusted application permissions.
Zone Labs recommends that users run Program Control at the
default medium setting for about a week so that the software
will learn each program that is used for Internet access. After a week,
configure Program Control at the high setting. At that point, users will
only be prompted with an Alert if there is a problem. As a result, users
get full protection against the ShellExecute theoretical exploit. Zone
Labs is always working on improving these and other features to make them
easy-to-use and intuitive for all users, no matter their skill level.
Zone Labs first introduced the Advanced Program Control feature in
November, 2002 with the release of ZoneAlarm Pro 3.5. Zone Labs added
this feature to Integrity at the same time and then added it to ZoneAlarm
Plus in February, 2003. Zone Labs recommends that all users keep their
security products up-to-date at all times.
We have continually hardened security in our free ZoneAlarm, as we do with
all our releases, but we do not include all advanced features in this
More information can be found through our technical support FAQs.
Sr. Director, Corporate Communications
tsmith () zonelabs com
- Re: Bypassing ZoneAlarm (limited) Te Smith (Jul 01)