Article

Update: Vulnerability in ZoneAlarm Pro

Bill Brenner, News Writer

An attacker could use a bypass vulnerability in Zone Lab's ZoneAlarm Pro software to lure users to malicious sites and there is currently no workaround, according to IT consulting firm Kurczaba Associates.

The firm said in its advisory

    Requires Free Membership to View

that the problem was uncovered during testing on a Windows XP Professional machine running ZoneAlarm Pro 5.0.590.015. The machine was also equipped with Internet Explorer 6.0 and all patches.

The problem lies in ZoneAlarm Pro's mobile code filter, which integrates with Internet Explorer. The filter blocks potentially dangerous Web objects such as ActiveX, Java Applets, and certain MIME objects. It also blocks out any "application/*" MIME type.

"Unfortunately," the advisory said, it does not filter content on the secure sockets layer (SSL), a commonly used protocol for managing the security of a message transmission on the Internet. "A malicious person could lure a ZoneAlarm Pro user to a malicious SSL site with dangerous mobile code content; and ZoneAlarm Pro would not filter the mobile code."

Frederick Felman, vice president of marketing for San Francisco-based Zone Labs, said company analysts are taking a look at ZoneAlarm Pro to determine what course of action, if any, should be taken.

"The good news is that it looks like a vulnerability that requires user action," Felman said, adding that it doesn't look like a threat that could spread at random. "Users should feel safe, but apply the general practice of being careful of the sites they visit."

Kurczaba Associates said the vulnerability, discovered Monday, is of medium severity. It had not responded to a request for additional information at this writing.

Related Topics: Client security, VIEW ALL TOPICS

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: