10/1/2005

Malicious code could trick ZoneAlarm firewall

Filed under: — By Aviran Mordo @ 11:19 am

Malicious code masquerading as a trusted application could trick a ZoneAlarm firewall into letting it connect to the Internet, security experts have warned.

The issue affects the popular free ZoneAlarm firewall and default installations of version 5.5 and earlier of the paid product, maker Zone Labs said in a security advisory on Thursday. Default installations of the Check Point Integrity Client are also affected, but the paid ZoneAlarm 6.0 products, released in July, are not, Zone Labs said.

“If successfully exploited, a malicious program may be able to access the network via a trusted program,” Zone Labs, which is part of Check Point Software, said in its advisory. If the malicious program attempted a direct connection to the Internet, it would be blocked by the firewall.

Source: News.com

 

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress