Wrong - MS has actually in KB951748 changed 12 .sys files in XP SP2, 10 in XP SP3 ref:
http://support.microsoft.com/kb/951748
Some of those files are fundamental to the Windows O.S. communications with the internet, using protocols developed by international bodies, to whose rules MS are supposed to comply. Examples are tcpip, tcipiv6, socket layers mswsock and dsn handling (the basis of the security hole).
If MS chose to alter the way these things work, then (a) there is a fault with the way Windows implemented them, or (b) they are unilaterally changing an international standard.
My reading of the situation is that case (a) applies - MS have the usual faulty code, with buffer overflows etc. I think, but am not sure, the ZoneAlarm also uses the operating system fundamental code, (and would probably have to to work at all). The fact is probably that ZoneAlarm failed to recognise that MS
might change such a fundamental part of the O.S., and ZoneAlarm was apparently not noticing the changed .sys files.
MS would normally notify all software houses of a change to these fundamental OS codes, but was possibly frightened to do so because of the gaping security hole that has been known about for 6 months or more, and no solution was available quickly, during which time the whole world was at risk.
I leave as a reader exercise to work out the implications of option (b) above. Dont you think that MS, even if their action is just changing a fundamental part of the O.S. which should respond according to international agreements, have a
moral responsibility to inform everyone concerned, and much more if they made a unilateral change to the standard ?