RealTime IT News

Zone Labs Upgrades Security Software

In a stab at correcting some flaws in its products, Zone Labs Inc. Wednesday said it plans to go live with new security products to fend off viruses, hackers and other threats to the firewall at the operating system level.

Security watchdog WolfPak noted in a bulletin last December that ZoneAlarm "does not allow its users to maintain a true understanding of their threat level and exposure." Basically, a perpetrator could scan when using the common Nmap scan types ACK, FIN, Xmas, Window & Null without a system owner's knowledge.

Worse still, a perpetrator could use the boot process to his or her advantage because it allows a remote attacker access to shared resources available on the ZoneAlarm protected device. If file sharing is enabled via Windows Networking and proper Access Controls (ACL) are not utilized, complete access to all shared content can be obtained through NetBIOS drive mapping.

As of 3 p.m. EDT Wednesday, both ZoneAlarm Pro 2.6 and ZoneAlarm 2.6 will launched to combat this; the new products are equipped with enhanced intrusion blocking to recognize, block and mark dangerous threats; importantly, a "hardened" or more tightly integrated shell eliminates operating system holes for Windows users.

Despite no evidence of an exploitation of the "boot process" flaw, Zone Labs spokesperson Te Smith said the company has taken steps to staunch potential attacks. As a company whose flagship Zone Alarm products have been tapped by more than nine million users, what Zone Labs has aimed to do is offer a more intuitive product.

"Some of the tricks that hackers are using now are to try to get in a little bit earlier in the boot process on a PC so we wanted to make sure that ZoneAlarm and ZoneAlarm Pro are loading earlier or binding tighter to the operating system so that it minimizes that chance that malicious code could subvert the process," Smith told InternetNews Radio Wednesday.

ZoneAlarm 2.6 and ZoneAlarm Pro 2.6 will go live at the company's site. ZoneAlarm is currently free for personal use, $19.95 for business use. ZoneAlarm Pro costs $39.95 for a single user.

So, what can users expect to get from Zone Labs new applications?

As for specifications of the products, ZoneAlarm and ZoneAlarm Pro include a firewall to shield the PC against hacker attacks; e-mail attachment protection; and an application control feature which lets the user control which programs can communicate with the Net. This lessens the opportunity for spyware or malicious code to "call home."

For those haunted by nightmares of the "Melissa" or "I Love You" e-mail-borne viruses of last year, ZoneAlarm Pro adds an enhanced version of its e-mail attachment protection, which includes password protection and one-click support for local area networks.

Features in both products include an introductory tutorial, as well as more "alerts" with ratings and other advice.

InternetNews Radio Host Brian McWilliams contributed to this story.