ZoneLabs Won't Fix Hole In Free Firewall

from the if-it's-free,-you-should-suffer-through dept

ZoneLabs provides the most popular “free” firewall product out there. It seems to be the standard product that people recommend, but now that a security vulnerability has been found, ZoneLabs only response is that people should upgrade to the paid-for version. They won’t fix the free version, because it would be too much trouble, and they don’t think the security hole is that big (basically begging hackers to exploit the hole). I can understand not adding new features to a free version, but leaving open a known exploit for a security product doesn’t seem too smart. It wouldn’t make me that comfortable using either version. If I were a competing company like Kerio (which also offers a similar free-for-home-use personal firewall), I’d be out there promoting how my solution was more secure than the market leader’s.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “ZoneLabs Won't Fix Hole In Free Firewall”

Subscribe: RSS Leave a comment

No Subject Given

Zone Alarm used to be a freeware product. Then they started messing with lite and full editions. I stopped using their products then. When I upgraded my zone alarm to find that half of the features in the free version were disabled. I was pissed! Why should I bother with a company that pulls this kind of crap???

Aaron Anderson (user link) says:

Is there some evidence that Kerio is not vulnerabl

Quote from the ExtremeTech article: “… since the vulnerability was tied to Windows, the vulnerability would also affect other firewall manufacturers and not just ZoneAlarm.”

I searched Kerio’s website for some mention of the ShellExecute vulnerabilty and they make no reference to it. Similarly a few simple Google searches yeilded no results.

I’m not sure if this problem warrants everybody picking on only ZoneAlarm just yet.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...