Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer
 Support Center > Search Results > SecureKnowledge Details
Support Center
 Print    Email
Installing Microsoft security update for Windows (KB951748) might prevent Secure Access, Endpoint Security (Integrity) and ZoneAlarm users from accessing the Internet

Solution ID: sk35506
Product: Endpoint Security Client, SecureAccess / Integrity
Version: 5.0, 6.0, 6.5, 6.6, 7.0
Date Created: 09-Jul-2008
Last Modified: 02-May-2013
Rate this document
[1=Worst,5=Best]
Symptoms
  • Installing Microsoft security update for Windows (KB951748) might prevent Secure Access, Endpoint Security (Integrity) and ZoneAlarm users from accessing the Internet.
  • Unresolved DNS queries.

Solution
On July 8, 2008 Microsoft issued a security patch, which affects most Microsoft OS versions (excluding Vista).

The patch, Microsoft Security Bulletin MS08-037 - Vulnerabilities in DNS Could Allow Spoofing (953230) - patch KB951748, conflicts with Check Point Endpoint Security product and may result in Enterprise users being unable to access their DNS, preventing access to the Internet.

This article will be updated with any new development.



ZoneAlarm users should Click here for more details.


Check Point recommends not to install Microsoft security update for Windows (KB951748) on windows clients that have Check Point Secure Access/Integrity clients installed.

Users that have already installed Microsoft security update for Windows (KB951748) on their clients and experience Internet connectivity issues are advised to uninstall this patch from their clients (See instructions below).

Check Point has released updates to Secure Access/Integrity clients that resolve the conflict with Microsoft security update for Windows (KB951748). If you prefer to keep the Microsoft security update for Windows (KB951748) installed and experience issues when Secure Access/Integrity clients try to connect to the Internet, download and install one of the following updates to Secure Access/Integrity:

Note:
Our internal analysis shows that Integrity versions 5.1, 6.0 and 6.5 should not be affected by Microsoft security update for Windows (KB951748). The primary impact was on Zonelabs consumer firewall and on the current 7.0 release of Endpoint Security.
However, the fix has been applied to 5.1, 6.0 and 6.5 to mitigate the immediate risk to our customers while we analyzed the impact.

Endpoint Security 7.0.843.007

Integrity version 6.5.063.222
Integrity version 6.0.240.000

Integrity version 5.1



Endpoint Security users that prefer not to upgrade to version 7.0.843.007 and also prefer to keep the Microsoft security update for Windows (KB951748) installed should refer to sk35523 - Configuring Endpoint Security 7.0 to work with Microsoft security patch KB951748.

Uninstall Microsoft security update for Windows (KB951748) using one of the following methods:
  • Windows ?Add or Remove programs' control panel.

  • The command line.

To uninstall Microsoft security update for Windows (KB951748) using Windows ?Add or Remove programs' control panel:

  1. Click the ?Start' menu.

  2. Click "Control Panel", or click ?Settings' then ?Control Panel'.

  3. Click ?Add or Remove Programs'.
    The ?Add or Remove Programs' window opens.

  4. Select the ?show updates' checkbox at the top of the window.
    Installed programs and updates that are currently installed are displayed.

  5. Scroll down to locate Microsoft security update for Windows (KB951748).

  6. Click on the Microsoft security update for Windows (KB951748).
    The ?Remove' button appears.

  7. Click ?Remove'.
    The Microsoft security update for Windows (KB951748) is removed.

To uninstall Microsoft security update for Windows (KB951748) using the command line:

Run the following command in a windows command line window:
C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe

Note: This command assumes that Windows is installed on C: drive. In addition, you can specify command lines to the uninstaller as shown in the following examples:

  • The /quiet command line option makes the un-installation completely silent.
  • The /passive command line option shows a user interface, but no interaction is required.
  • The /help command line option displays information on additional command line options.


This solution is about products that are no longer supported and it will not be updated
Give us Feedback
Rate this document
[1=Worst,5=Best]
Additional comments...(Max 2000 characters allowed)
Characters left: 2000