News Stay informed about the latest enterprise technology news and product updates.

Update: Vulnerability in ZoneAlarm Pro

ZoneAlarm Pro's mobile code filter doesn't weed out SSL content, leaving a door for exploitation.

An attacker could use a bypass vulnerability in Zone Lab's ZoneAlarm Pro software to lure users to malicious sites...

and there is currently no workaround, according to IT consulting firm Kurczaba Associates.

The firm said in its advisory that the problem was uncovered during testing on a Windows XP Professional machine running ZoneAlarm Pro 5.0.590.015. The machine was also equipped with Internet Explorer 6.0 and all patches.

The problem lies in ZoneAlarm Pro's mobile code filter, which integrates with Internet Explorer. The filter blocks potentially dangerous Web objects such as ActiveX, Java Applets, and certain MIME objects. It also blocks out any "application/*" MIME type.

"Unfortunately," the advisory said, it does not filter content on the secure sockets layer (SSL), a commonly used protocol for managing the security of a message transmission on the Internet. "A malicious person could lure a ZoneAlarm Pro user to a malicious SSL site with dangerous mobile code content; and ZoneAlarm Pro would not filter the mobile code."

Frederick Felman, vice president of marketing for San Francisco-based Zone Labs, said company analysts are taking a look at ZoneAlarm Pro to determine what course of action, if any, should be taken.

"The good news is that it looks like a vulnerability that requires user action," Felman said, adding that it doesn't look like a threat that could spread at random. "Users should feel safe, but apply the general practice of being careful of the sites they visit."

Kurczaba Associates said the vulnerability, discovered Monday, is of medium severity. It had not responded to a request for additional information at this writing.

Dig Deeper on Endpoint protection and client security

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.