Headline
CVE-2022-23743: ZoneAlarm Extreme Security release history official page
Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process.
15.0 Branch
- 15.8.200.19118
- Critical Security vulnerability fix. CVE-2022-23743
- This version is not supported for Windows 7
- 15.8.189.19019
- Bug fixes and stability improvements for Windows 11
- 15.8.181.18901
- Fix installation failure due to missing root certificate
- 15.8.169.18768
- Improved: Enhanced code signing procedures
- Fixed: Bug fixes to improve stability and upgrades from previous versions
- 15.8.163.18715
- New: Updated version for Anti-Ransomware engine
- Improved: Stability
- Fixed: Bug fixes and Improvements
- 15.8.145.18590
- New: Updated version for Anti-Virus engine
- Improved: Stability
- Fixed: Bug fixes and Improvements
- 15.8.139.18543
- New: Updated version for Anti-Ransomware Engine
- Improved: Stability
- Fixed: Bug fixes and Improvements
- Fix for CVE-2020-6022: ZoneAlarm Extreme versions before 15.8.139.18543 allow a local actor to delete arbitrary file while restoring files in Anti-Ransomware.
- Fix for CVE-2020-6023: ZoneAlarm Extreme versions before 15.8.139.18543 can allow a local actor to escalate privileges while restoring files in Anti-Ransomware.
- 15.8.125.18466
- Fixed: Bug in Anti-keylogger on Windows 10 2004 (20H1) x86. AKL will BSOD if its enabled when you upgrade your OS to the 2004 (20H1) release
- Fix for CVE-2020-6012: ZoneAlarm Anti-Ransomware before version 1.0.713 (included in ZoneAlarm Extreme Security version 15.8.125.18466) copies files for the report from a directory with low privileges. A sophisticated timed attacker could have replaced those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems
- Improved: Stability
- 15.8.109.18436
- Fixed: Fix for CVE-2020-6013 - Insecure directory privileges allow for a local escalation of privilege on systems not patched with Microsoft CVE-2020-0896
- 15.8.038.18284
- Improved: Stability
- Fixed: Bug fixes and Improvements
- 15.8.026.18228
- New: New version of Anti-Key Logger with bug fixes
- New: New version of Self Protection Driver with bug fixes to prevent intermittent suspending of critical processes
- Improved: Stability
- 15.6.121.18102
- New: Antivirus SDK with better protections
- New: Full support for Windows 10 19H1
- Fixed: Bug fixes to improve ZoneAlarm Anti-Ransomware uninstall and upgrade
- 15.6.111.18054
- Fixed: Partial Installation problem
- Fixed: Installation errors 1603 and 4096
- Fixed: Bug fixes and Improvements
- 15.6.028.18012
- New: Anti-Ransomware
- New: ZoneAlarm Mobile Security
- New: Web Secure, blocks phishing attacks and safely download documents in Chrome
- Fixed: Bug fixes and Improvements
- Removed: Find My Laptop
- Removed: Online Backup
- 15.4.260.17960
- Fix for CVE-2019-8452
- Fix for CVE-2019-8453: Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client.
- Fix for CVE-2019-8455: A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.
- Check Point would like to thank Jakub Palaczynski for reporting the issues
- 15.4.062.17802
- Removed: Parental Controls
- Added: Anti-Phishing to user interface
- 15.3.060.17669
- New: Support for Windows 10 Spring Update 1803
- Improved: New and improved AV engine
- Fixed: Bug fixes and Improvements
- Removed: PC Tune-Up
- 15.2.053.17581
- Improved: New and improved AV engine
- Improved: Integration with Windows Defender Security Center
- Removed: Anti-Spam
- 15.1.522.17528
- Improved: Compatibility with Microsoft Meltdown/Spectre security updates.
- 15.1.501.17249
- New: Support for Windows 10 Creator’s Update
- Improved: New and improved AV engine
- Improved: performance enhancements
- Fixed: A local privilege escalation attack in Anti-Virus.
- Check Point would like to thank Florian Bogner for discovering the issue and bringing it to the attention of Check Point.
- 15.0.159.17147
- Fixed: Upgrade issue from Suite to Extreme
- 15.0.156.17126
- New: Anti-Phishing for Chrome Browser
- Fixed: Diagnostics Tool uploading
- 15.0.139.17085
- Fixed: VC 14 Redistributable installation issue.
- 15.0.123.17051
- New: Anti-Phishing Extension
- Improved: Product update notifications.
- Improved: Stability and performance enhancements.
14.0 Branch
- 14.3.119.000
- Fixed: Compatibility with Windows 10 Anniversary Update (build 14393)
- 14.2.255.000
- New: Antivirus Engine
- Improved: Virus/Malware detection improvements
- Improved: Various performance improvements
- Improved: Better compatibility on 4K and high resolution displays
- Fixed: iTunes backup and startup time
- Fixed: Rosetta Stone compatibility
- 14.1.057.000
- Fixed: compatibility issues with 3rd party software, including iTunes and Star Wars: Knights of the Old Republic
- 14.1.048.000
- Improved: New Blur version
- Fixed: Cloud AV event logging
- Fixed: Localization fixes
- Fixed: Security fixes
- Misc: Other minor bug fixes and improvements.
- 14.1.011.000
- Fixed: Compatibility with Windows 10 fall update.
- Fixed: Alert popups no longer appear off the viewable part of the screen and can now be dragged on the screen.
- Misc: Other minor bug fixes and improvements.
- 14.0.522.000
- Fixed: Upgrade to Win 10, installer bug fixes.
- Fixed: Other Non-Win10, installer bug fixes.
- Fixed: Blur bug fixes and improvements.
- Fixed: AV bug fixes.
- Misc: Other minor bug fixes and improvements.
- 14.0.508.000
- New: Windows 10 compatible
- 14.0.157.000
- New: Pre-Release Windows 10 compatibility
13.0 Branch
- 13.4.261.000
- New: Parental Controls added for Windows 8.1
- New: Antivirus Engine
- Fixed: Antivirus update errors
- Improved: Stability and performance enhancements
- 13.3.226.000
- Fixed: First time ZA installation on Windows 8.1 32bit Only, install issue. (limited public release)
- 13.3.209.000
- New: Antivirus Engine
- Improved: Stability and performance enhancements
- 13.3.052.000
- New: Antivirus Engine
- Updated: Firewall Driver (security and other fixes)
- Improved: Localization fixes
- Improved: Stability and performance enhancements
- 13.2.015.000
- Improved: Anti-Virus improvements
- Improved: Minor performance and stability fixes
- 13.1.211.000
- Updated: Antivirus Engine improved compatibility with Windows 8.1 Update 1
- Improved: ZoneAlarm client protection from Heartbleed vulnerability
- Improved: Stability and performance enhancements
- 13.0.208.000
- New: Advanced Real-Time Antivirus (Real-Time Cloud Protection)
- New: Threat Emulation
- New: Anti-Keylogger
- Updated: Antivirus engine
- Updated: UI minor adjustments
- Improved: Enhanced Browser Protection (Web Monitor)
- Improved: PC Tune-Up
12.0 Branch
- 12.0.104.000
- New: Windows 8.1 support.
- Updated: Antivirus engine.
- Improved: AV detection.
11.0 Branch
- 11.0.780.000
- Improved: Antivirus detection.
- 11.0.768.000
- New: Updated AV Engine.
- New: Web scanner - blocks web threats before they reach your browser or hard drive.
- New: Forcefield removed, replaced with new and improved Site Check technology and security toolbar.
- New: Latest version of Firefox is supported.
- Improved: Stability and performance enhancements.
- 11.0.000.504
- Added: Windows 8 - ELAM protection (Early Launch Anti-Malware)
- Updated: Antivirus Engine
- Improved: Rootkit detection
- 11.0.000.054
- Fixed: Compatibility issue with XP SP2
- Fixed: Parental controls installation exception error.
- 11.0.000.038
- New: Do Not Track
- New: Facebook Privacy Scan
- Added: Firefox 17.0.1 support
- Improved: AV Behavioral Scanning Engine
- 11.0.000.020
- Improved: AV engine
- Fixed issue: Installer screens not displayed properly on some systems
- 11.0.000.018
- Added: Windows 8 compatibility
- Added: Firefox 16 support
- Fixed: Java 7 compatibility
10.0 Branch
- 10.2.078.000
- Added: Firefox 15 support
- 10.2.074.000
- Added: Italian language localization
- 10.2.073.000
- Optimized: Installer, component installation order
- 10.2.072.000
- Added: Firefox 14 support
- Fixed issue: Chrome configuration fix
- Fixed issue: ZA Free, messaging usability improvements
- 10.2.068.000
- Added: Firefox 14 support
- Added: Stop all internet activity option
- Added: Snooze AV or Firewall for 5 mins option
- Improved: Security toolbar
- Improved: AV engine
- Improved: Installer
- Fixed issue: Riskware options usability
- Fixed issue: Various other improvements and fixes
- 10.1.079.000
- Added: Remember this setting back into the Alerts
- Added: List view sorting for Programs list
- Added: Program Trust level can be set from the Program list view again
- Fixed issue: Antivirus Logging enabled in some cases after installation
- Fixed issue: Display issue with treatment of riskware in archives
- Fixed issue: In some cases an Antivirus scan was started after every reboot
- Fixed issue: Display problem with some Application firewall rules
- Fixed issue: Program list view icons are not always displaying correctly in localized versions
- Fixed issue: Default program control setting should be Auto mode
- Fixed issue: Program list “kill” mode icon not displayed correctly
- Fixed issue: No warning is displayed when a program is set to “kill”
- Fixed issue: AntiSpam version not displayed in Vista/Win7
- Fixed issue: Various other improvements and fixes
- 10.1.065.000
- Added: Support for Firefox 8 (web security toolbar)(prior versions of Firefox will not be supported)
- Fixed issue: Use the correct date for firewall logs
- Fixed issue: User can’t select install path on 64-bit machine
- Fixed issue: Long path installation not working
- Fixed issue: Problem with Program Alerts displaying correctly
- Fixed issue: Various other improvements
- 10.1.056.000
- Browser security toolbar now supports Firefox 7 (prior versions of Firefox are not supported)
- Fixed issue: antivirus updates sometimes failed
- New universal installer for all supported languages
- New and improved notifications for antivirus Advanced Disinfections
- New “Synchronize License” link is now in the Tools menu
- Fixed issues that occurred in some instances:
- Fixed issue: Application Control Expert Rules not working properly
- Fixed issue: Not all Alert & Log settings persist after restart
- Fixed issue: Advanced disinfection dialog error
- Fixed issue: Expert Rule not blocking SSL properly
- Fixed issue: Backup and Restore stop working after restarting
- Fixed issue: Proxy settings are not correctly saved when updating from 9.x to 10.x
- Fixed issue: License key is not always refreshed in UI
- Fixed issue: Public / Trusted zone settings not displaying correctly
- Fixed issue: Installer failed with error 127
- Fixed issue: On startup, check for orphaned av.tmp files and then delete them
- Fixed various other stability and usability fixes
- 10.0.250.000
- Added support for Firefox 5 and Internet Explorer 9 for ZoneAlarm Security toolbar
- Fixed conflict with HP Support Assistant
- Fixed problem where a daily scan would sometimes occur when not scheduled
- Fixed DataLock 64-bit uninstall issue
- Fixed problem where DataLock could not be uninstalled after full encryption
- 10.0.243.000
- Improved client installation
- Add SKU name in client about box
- 10.0.241.000
- This update improves compatibility with non-English operating systems and stand-alone versions of Hard Drive Encryption.
- 10.0.240.000
- New user-friendly design: Easy for all levels of users, confirms protection at a glance. Runs automatically, is easy to customize and provides instant access to support and 24/7 live chat.
- Quick install: Makes securing your computer faster and easier than ever.
- Enhanced Cloud Security: 3rd generation cloud technologies detect 50,000 - 75,000 new applications every day and verify threats detected by behavioral scans.
- New Antivirus engine: Including behavioral detection and advanced virus removal, plus virus pre-scan during installation.
9.0 Branch
- 9.3.037.000
- This update includes security and stability improvements, and fixes a rare file download issue.
- 9.3.014.000
- Performance and stability improvements:
- Includes Microsoft patch for Windows 7 system:
- Resolves issues with running two security products at once
- Resolves Internet connectivity and stability issues, especially with Windows 7 64-bit systems
- IPv6 support now on by default for supported operating systems
- Fixed: Issue causing slow startup of Internet Explorer
- Fixed: Excessive hard drive activity issue
- 9.1.603.000
- OS support: Windows 7 SP1 BETA now supported
- Performance and stability improvements:
- Fixed: Issues that sometimes inhibited PC performance
- Fixed: Hibernation issues
- Fixed: Delays on initial loading of certain programs, including Internet Explorer 8
- Fixed: Crypt32 errors appearing in event log
- 9.1.507.000
- Improved client analysis of threat events to feed into and improve Program Advisor for faster, more thorough responses to threat outbreaks and increased usability
- Clicking the “Check for Updates” button now includes a check for Browser Security updates
- Anti-virus scan speed improved, along with other minor anti-virus improvements
- Usability improvements to Anti-virus and Browser Security settings
- Browser Security Advanced Download Detection now shows green alert when a download is safe and red when a download is dangerous
- Improved anti-virus signature update reliability
- Various stability and performance improvements, including fixed issues shown below
- Fixed: Contextual (right-click) scan doesn’t work for shared network drives on 64-bit platforms
- Fixed: Service Control doesn’t detect kernel4b.exe test from Matousec.com
- Fixed: Preboot screen still appears after system decryption
- Fixed: Scanning Status window sometimes freezes after resuming from sleep mode
- Fixed: Browser security does not detect Winamp Lite as good file
- Fixed: Heuristic anti-phishing doesn’t work with French localization
- Fixed: Unable to use SnagIt program after disabling anti-keylogger
- Fixed: Anti-keylogger not working in IE8 when minimizing one window from two on Vista x64
- Fixed: Firefox “Add-ons” window always appears after “Clear Virtual Data” in Browser Security settings
- Fixed: Scanning Status window freezes while scanning network files (right-click scan)
- Fixed: Dynamic Trial Screen statistics display not working correctly
- Fixed: Installation on Vista Home Basic is not blocked (should be blocked because not supported)
- Fixed: IE8 Web-page Save dialog contains no file name in File name field
- Fixed: Anti-virus scan doesn’t start during drive encryption
- Fixed: Wrong text in Recovery Wizard window when uploading failed
- Fixed: Blue screen occurred while browsing in Mozilla Firefox 3.5.3 on XP. Bookmarks and history cleared.
- Fixed: IE7 and Firefox won’t launch after enabling Virtualization and setting Program Control to Max.
- Fixed: Installation hung on “Configuring ZoneAlarm Extreme Security” window on Win7.7600 x64
- Fixed: Anti-keylogger blocks all entered data after file download in IE6
- Fixed: It is not possible to type something in IE6 with disabled browser security on Win XP SP3
- Fixed: Browser security blocks “Snipping Tool” on Win 7
- Fixed: Blue screen sometimes happened before or after computer going to sleep mode
- Fixed: Windows shows alert during ZoneAlarm installation
- Fixed: Rare vsmon crash during ZoneAlarm upgrade
- Fixed: Slow ZoneAlarm update on Win 7 32bit
- Fixed: On Win 7, folder created called “ZoneAlarm” containing shortcut to Diagnostics Tool
- 9.1.008.000
- Windows 7 operating system compatibility
- Component Object Model (COM) monitoring (to stop advanced attacks that use the COM Windows component)
- Improved antivirus/anti-spyware with enhanced rootkit detection
- Improved status reporting during anti-virus updates
- Improved performance in Browser Security module
- Addressed a rare issue where keystroke encryption caused erroneous typing output
- 9.0.114.000
- Fixed: Unable to install Adobe Flash Player add-on under Mozilla Firefox 3.5.3 in Internet mode
- Fixed: Unable to install No Script add-on for Firefox when virtualization is enabled
- Fixed: Communication with Smart Defense Advisor
- Fixed: Not possible to type in Internet Explorer (IE) 7 in Private browsing mode
- Fixed: System stops responding after opening PDF file in IE 7 and 8 on XP when virtualization is on
- Fixed: Blue screen crash after starting IE 7 (if ForceField is set to manual startup)
- Fixed: Performance problems when using iTunes
- Fixed: Screen freezes during ZoneAlarm installation or configuration in some cases
- Fixed: AV DAT version is correctly refreshed after an AV update
- Fixed: Adding a firewall rule to block a specific hostname blocked all traffic
- 9.0.083.000
- Hard Drive Encryption for Laptops (optional add-on):
- In order to stop laptop thieves from stealing your data and identity, encrypts all your data so only you can see it.
- Free 24/7 password recovery, plus disk self-recovery program
- More Browser Security features added:
- Advanced Download Protection:
- Detects the latest zero-day threats in downloads that you initiate-before they reach your computer
- Includes heuristic analysis and program check
- Can run and analyze download behavior in a virtual environment if necessary
- Additional layer of keylogger protection–encryption ensures only the intended application can read your keystrokes
- New unified anti-virus and anti-spyware engine:
- Scans 80%-90% faster and combines anti-virus and anti-spyware into one scan
- More advanced scan options- riskware, ADS, heuristic scanning, and more exception options
- Additional on-access scan controls
- On-access scanning now detects spyware
- Program control features to stop advanced security bypass attacks:
- Timing attack protection
- Service control manager protection (not supported on 64-bit and Windows 7)
- Other enhancements:
- Many performance improvements
- Reduced number of unnecessary alerts
- Windows 7 ready (Free compatibility update to run on Windows 7 when it is released)
8.0 Branch
8.0.400.020
- Firewall Enhancements for the High level setting:
- Service Control Manager (SCM) monitoring to catch drivers being launched
- Raw disk access detection added to catch malware that tries to open the kernel memory directly
- Installation:
- Cleaner uninstall
- Automated Windows XP Service Pack 2 upgrade option
- Faster upgrade installations
- Fixed Issues:
- Fixed issue where Antivirus could not be enabled.
- Incompatibility issues with Remote Desktop connections have been resolved.
- Incompatibility issues with Cisco VPN have been resolved.
- Other Enhancements:
- Email security now supports 64bit Vista, IMAP accounts and the Windows Mail client
- Stability and performance improvements
8.0.298.035
- The update provides additional protection against the Conficker virus, which could cause damage starting April 1, 2009.
8.0.298.000: First version
ZoneAlarm introduces its premium security offering with all of the features of ZoneAlarm Internet Security Suite plus integrated browser protection, secure online backup and system maintenance. Features include all features of ZoneAlarm Internet Security Suite plus:
- Browser security built in – integrated ZoneAlarm ForceField protects your identity and your computer as you surf the Internet.
- Virtualized browsing automatically places automatic, uninvited (drive-by) downloads from the Internet safely into a virtual file system where they’re destroyed – never touching your actual computer hard drive
- Signature and heuristic anti-phishing
- Browser file encryption to prevent information harvesting and spear phishing
- Web site safety check to valdate the Web pages you visit
- Keylogger/screengrabber jamming prevents hidden software from monitoring your keystrokes and taking pictures of your computer screen
- Private browsing – with the click of a button, surf the Internet without leaving any tracks behind on your PC.
- Dangerous download detection scans all programs you download against a list of 1 million plus program signatures
- Secure online backup for important music, pictures and other files with optional private key encryption for “hack-proof” storage.
- PC Tune-up to keep your computer organized and running as efficiently as possible
- Browser security built in – integrated ZoneAlarm ForceField protects your identity and your computer as you surf the Internet.
Related news
IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609.
Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory allow a local attacker the ability to execute an arbitrary file write, leading to execution of code as local system, in ZoneAlarm versions before v15.8.211.192119
IBM Jazz Foundation (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214619.
A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an upload program request from an infected Xinje PLC. This can result in remote code execution, information disclosure and denial of service of the system running the XINJE XD/E Series PLC Program Tool.
The HTTP Server in PRIMEUR SPAZIO 2.5.1.954 (File Transfer) allows an unauthenticated attacker to obtain sensitive data (related to the content of transferred files) via a crafted HTTP request.
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication.
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication.
Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication.
Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Wedding-Management/package_detail.php.
Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerbilities via the username and password parameters at /assets/partials/_handleLogin.php.
Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=result&searchfor=advancesearch.
An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
An arbitrary file upload vulnerability in the Upload Photos module of Wedding Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers to upload arbitrary files.
A vulnerability in Black Duck Hub’s embedded MadCap Flare documentation files could allow an unauthenticated remote attacker to conduct a cross-site scripting attack. The vulnerability is due to improper validation of user-supplied input to MadCap Flare's framework embedded within Black Duck Hub's Help Documentation to supply content. An attacker could exploit this vulnerability by convincing a user to click a link designed to pass malicious input to the interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks and gain access to sensitive browser-based information.
In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-212467440
An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page.
Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page.
Prototype poisoning in function mapObjIndexed in Ramda 0.27.0 and earlier allows attackers to compromise integrity or availability of application via supplying a crafted object (that contains an own property "__proto__") as an argument to the function.