July 08 Windows Update (KB951748) = No internet?

[billyellis]

Today I downloaded and installed the Windows Update (XP Home) on my laptop.

After rebooting, I no longer can access the internet. I reset both my modem and router, and have rebooted several times, to no avail.

Has anyone else had this problem with the new updates from today?? I am pissed off.:suspiciou

 

[zipperman]

Not this again

Simple answer to this too often asked question. C
Call your ISP,the folks you pay (I think) for the service.
Why isn't that obvious ? Please explain asking here instead.
You need TECH SUPPORT,
BTW,Glad to see you got HERE somehow.

 

[billyellis]

Wow. I really don't appreciate that useless reply.

The effects of a Windows Update have nothing at all to do with your ISP. Which is obvious if you stop and think about your snide remark about how I got here. I am obviously using a second computer on the same home network that I have not applied the update to, and hence it has not been affected. So rather than making condescending remarks, if you had made that simple logical leap (I mention an inability to access the internet on a laptop, but am still posting here, and I mentioned a router...), perhaps you might have had something constructive to add instead of jumping to the wrong conclusion that the ISP is the problem.

That would be a huge coincidence even if there were not fairly obvious information in the original post indicating that that was not the issue. What are the chances of suddenly developing a problem with internet service in the 60 seconds between installing new OS updates and rebooting? Minuscule. On the other hand, there is a 99% probability that the updates (the last change made) are the source of the problem. Particularly since it would make no sense for MS to release updates that might interfere with ISP communication without notifying the ISP's in advance and resolving the conflict before the updates were released. But go ahead and be condescending if it makes you feel better about yourself.

I posted here to (a) find out whether anyone else has had the same problem or whether it may have something to do with my unique configuration, and (b) to warn people that there might possibly be a good reason to hold off on installing these latest updates. 24 hours from now they may post a revised update eliminating some glitch, but if your internet connection has been blocked by a faulty update, then you are SOL unless you have a second computer easily available.

 

[Blind Dragon]

This only seems to affect ZA & Comodo firewalls and a fix is being worked on by microsoft.
If you lose your connection with ZA, right click the taskbar icon, select restore ZA (second from bottom of list), click firewall and set the first setting to medium instead of high this will solve the problem.

If you are using Comodo you will have to give access to the programs that do not connect to the internet.

 

[Tarkus]

I'm having the same issues. started as soon as the update ran yesterday, on 3 of my computers, the fourth PC didn't get updated. I tried uninstalling the service pack and that didn't fix it. It seems to be an issue with the router. I found I can connect directly to the modem and get online but I can't get through the router. You can restore to a week before and get it back that way. I fixed my daughters PC that way but I turn Restore off on my PC, so I'm screwed. Now I'm hooked up on the lan and for some reason I'm online but no other PC can get online. something changed with that DNS security update.


zipperman, you're a boob.

 

[Tarkus]

....Thanks Blind Dragon, that got me going.

This only seems to affect ZA & Comodo firewalls and a fix is being worked on by microsoft.
If you lose your connection with ZA, right click the taskbar icon, select restore ZA (second from bottom of list), click firewall and set the first setting to medium instead of high this will solve the problem.

If you are using Comodo you will have to give access to the programs that do not connect to the internet.

 

[Blind Dragon]

What firewall? And did you uninstall update KB951978?

Edit: saw your next post - good deal

According to ZoneLabs you can either lower their security setting or uninstall KB951978 until this gets sorted


Edit 2: I haven't tested this but it is on zone alarm forums

If you wish to retain the MS updates and use the Internet Security slider at High (the default and correct setting), then do an uninstall of the ZA, after the required re-boot then manually remove the files found inside of these folders:

# WINDOWS\ Internet Logs folder
# Program Files\Zone Labs folder
# WINDOWS\system32\ Zonelabs folder
# any files in the Windows\Temp folder
# and any files found in the Temp folders found in the Document and Settings
# empty the Recycle Bin


Then re-install the ZA.

 

[Tarkus]

Blind dragon I did uninstall it from the blue folder in the windows dir, but I still couldn't connect. then I must have ticked that lower somewhere right before I bypassed the router and then it seemed to be working, then I hooked back up through the router and it stayed working. went and ticked that on my daughters PC because it went and did another update of the patch again today and stopped working while I was troubleshooting this PC. perfect storm. So anyway ticked that down to medium on the weather station PC and her PC and they started working too.

 

[captaincranky]

M$ update doesn't list KB951748 as specific to IE, or (?) as it were.

My machine got locked out of the internet by an earlier security update, possibly this number, KB950759.

Zone Alarm was treacherous also, as it closed the IP port on the same computer after a period in S3 standby. Had to kill it to get back on the web after wake.

 

[Tarkus]

Yeh, ZA can be a pain at times. I have a BEFSR41 with Zone Alarm Pro license for 4 PCs, it still works and I haven't paid for ZAP since 2002, for all 4 PCs. The router has special firmware that monitors for ZAP running on the PCs. I think when I tried to rule out Zone Alarm Pro I shut it down but my router was set to block internet access unless the PC was running ZAP. It's handy when a malicious program runs wild and kills ZAP and anti-virus and starts doing things on the internet. Yeh, even old timers occasionally do something stupid like running an unknown .exe.

 

[zipperman]

Did you need this Update

My server is a toll free number and would help me with this problem
Why are you avoiding this ?
But see if you can uninstall the update since you know it's name.
Read the details of updates,but you don't always need them.Even Criticals.
Know your system needs.
Quote KB951748 details,
How to Uninstall
This software update can be removed via Add or Remove Programs in Control Panel.
Now i wonder why you have this option ? You don't always.
I havn't installed it yet.Thanks for the warning.:wave:

 

[Btrain]

Microsoft update KB951748

I also lost internet connectivity after installing this update. The easiest remedy is to uninstall the update using "Add & Remove Programs" in "Control Panel". Be sure to check the box that says "show updates". After uninstalling you will need to reboot and your connection should be restored. MS will again annoy you to install the update, but I'm ignoring for now. I understand this only affects Zone Alarm & Commodo users.

 

[Rick]

My server is a toll free number and would help me with this problem

Maybe you live in a country where ISPs genuinely care about you and your computer, but here in the U.S., they check the modem, they check the line, walk you through connecting your computer directly to the modem, and set up a manual connection. Done.

Problems with updates, your router, problems with software etc... Are not dealt with by the ISP. Those are *your* responsibility.

 

[billyellis]

Problems with updates, your router, problems with software etc... Are not dealt with by the ISP. Those are *your* responsibility.

To quote the Fonz...exactamundo. Most US ISPs wouldn't give a sip of water to a child dying of thirst.

Good to hear it wasn't just me, although at the same time, not good to hear.

Hmmm...Microsoft has a long history of illegal behavior directly interfering with competitors (instead of simply improving their own products), and this seems to only affect a free firewall program that competes with their own crappy default firewall... I am guessing that this will raise some red flags somewhere, and rightfully so.

:grinthumb Thanks to Blind Dragon and all subsequent posters for your assistance.:grinthumb

Lastly, on the comment about not needing Security Updates. Maybe that is true, maybe it isn't. I admit that I have no idea what the "Malicious Software Removal Tool"s are really doing. But when a Security Update is released, from my perspective that means that someone has pointed out a vulnerability that is so bad that it has forced the massive MS corporation to overcome inertia and actually address the problem with a fix. So to me, new security updates indicate a vulnerability that is not minor. Just my opinion.

So while uninstalling a security update or Restoring to an earlier configuration are always an option, my immediate preference was to leave the computer max-protected and post a question here first, before deciding to roll back the clock and expose a potentially major vulnerability. I have some software with licensing that requires an internet connection, so being offline for a time is inconvenient. But the alternative is far worse than mere short-term inconvenience.

EDIT: One final update. ZA has released new versions of all products with a fix:

http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html

And to add to the suspicious nature of this incident, the above link mentions that this problem only affects XP/2000 and not Vista. So I am now completely convinced that this was an intentional effect of this update, a deliberate 'punishment' of users of ZA and Windows users who have refused to use the horrible Vista. I mean, they had to have tested the update before releasing it. So either it was a glitch they knew about and kept because they like to try and force users to move to their software, whether it works better than the alternative or not, or it was deliberately added in to achieve the same results. Draw your own conclusions....

Regardless, I guess it wasn't an ISP issue after all.

 

[Blind Dragon]

There is a good reason for this without going into detail they are trying to stay 1 step ahead before the exploit was found. It is similar to Iframe attacks but it could effect most legit websites -

Security expert Dan Kaminsky said that the case was unprecedented, but added: "People should be concerned but they should not be panicking."

"We have bought you as much time as possible to test and apply the patch," he said. "Something of this scale has not happened before."

Mr Kaminsky discovered the error in the workings of the Domain Name System (DNS) about six months ago.

DNS is used to convert web addresses written in words - such as www.techspot.com - into the numerical sequences used by computers to route internet traffic around the world.

The flaw revolves around the way that the servers that translate words into numbers handle the requests they get.

Unresolved the flaw would make it simple to operate "phishing" scams, in which users are directed to fake webpages supposedly for genuine banks or businesses and are tricked into disclosing credit card details or other personal data.

Mr Kaminsky talked to Microsoft, Sun and Cisco and many others in March and has been part of a team engaged in secret research since then to develop the security patch which has now been released simultaneously.

 

[billyellis]

OK, after all the problems with the last Windows Update, I am a little gunshy about installing SP3. I found this recent thread:

https://www.techspot.com/vb/topic108831.html

indicating one user's problems.

Have there been a lot of issues with this update, or have people found it to be generally innocuous?

Thanks.

 

[CCT]

Many many people have installed SP3 with NO problems.

I recommend you download it to a folder, then go off-line and shut off your AV. Defrag your comp. Then install.

 

[billyellis]

OK, I will go ahead and roll the dice, :suspiciou

Does your trouble start with the install of SP3 ? It has been a right old &&*%&-up.

Posts like that in the thread I linked to above made me nervous...

 

[zipperman]

My results

I installed SP3 and have no problems.
I have not installed KB951748 though.
See if it can be uninstalled,it says so below.
Quote Windows Update
===================
Security Update for Windows XP (KB951748)
Date last published: 7/8/2008
Typical download size: 503 KB
A security issue has been identified that could allow a remote attacker to misrepresent a system action or behavior unbeknownst to users on Microsoft Windows systems. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.
System Requirements
Recommended CPU: Not specified.
Recommended memory: Not specified.
Recommended hard disk space: Not specified.
How to Uninstall
This software update can be removed via Add or Remove Programs in Control Panel.

 

[kimsland]

Just to be very clear about all this.

Security Update KB951978 is Not faulty, and was Never faulty (it remains the same)
Service Pack 3 (was faulty when in release candidate - Beta form) But is now (and for some time) been perfectly working

Always do and continue all security updates from MS
While you're at it, make sure Antivirus updates are done too

Both in Automatic download mode.

 

[arbiter918]

Just to be very clear about all this.

Security Update KB951978 is Not faulty, and was Never faulty (it remains the same)
Service Pack 3 (was faulty when in release candidate - Beta form) But is now (and for some time) been perfectly working

Always do and continue all security updates from MS
While you're at it, make sure Antivirus updates are done too

Both in Automatic download mode.

Actually KB951978 was faulty I don't know about now b/c I uninstalled it. Thousands of Zone Alarm users could not access the internet after it was released. Just one more example of Microsoft releasing things before they're ready. win 95, 98, ME, Vista, Xbox 360. I think it safe to say it's normaly their products have bad results.

 

[kimsland]

arbiter918 please read my previous posts
The security update was not faulty, but thankfully because of it, Zone Alarm has updated their faulty program ! Now Zone Alarm have a working (newer version) program.

Zone Alarm should have really apologized for this mistake, that only happened to that one single program.

 

[gbhall]

Six of one and half-a-dozen of the other. MS are notorious for moving the goalposts, failing to inform other software vendors of changes or even specifications to work to in the first place. They can also, it has been mentioned, be suspected of causing deliberate trouble for competing software houses. MS make a firewall too......

 

[CCT]

If you bought a Ford and wanted to put a Chevy engine in it, would Ford have to provide all new interfaces for that engine?

NOT!

MS$ has NO OBLIGATION to notify anyone about fixes and security packages they provide except for legitimite users of their product.

 

[gbhall]

Wrong - MS has actually in KB951748 changed 12 .sys files in XP SP2, 10 in XP SP3 ref:http://support.microsoft.com/kb/951748

Some of those files are fundamental to the Windows O.S. communications with the internet, using protocols developed by international bodies, to whose rules MS are supposed to comply. Examples are tcpip, tcipiv6, socket layers mswsock and dsn handling (the basis of the security hole).

If MS chose to alter the way these things work, then (a) there is a fault with the way Windows implemented them, or (b) they are unilaterally changing an international standard.

My reading of the situation is that case (a) applies - MS have the usual faulty code, with buffer overflows etc. I think, but am not sure, the ZoneAlarm also uses the operating system fundamental code, (and would probably have to to work at all). The fact is probably that ZoneAlarm failed to recognise that MS might change such a fundamental part of the O.S., and ZoneAlarm was apparently not noticing the changed .sys files.

MS would normally notify all software houses of a change to these fundamental OS codes, but was possibly frightened to do so because of the gaping security hole that has been known about for 6 months or more, and no solution was available quickly, during which time the whole world was at risk.

I leave as a reader exercise to work out the implications of option (b) above. Dont you think that MS, even if their action is just changing a fundamental part of the O.S. which should respond according to international agreements, have a moral responsibility to inform everyone concerned, and much more if they made a unilateral change to the standard ?