A number of users are reporting that the new Kaspersky AV component in the latest ZoneAlarm Security Suite 7 is broken. And broken in such a way as to leave your system unprotected while appearing to be fully functional.
The problem manifests itself after a successful installation with the AV engine corrupting during a system signature update. Once corrupted it simply fails to offer any protection at all, although the user will be none the wiser of this unless they happen to put their protection to the test.
Something as simple as running an EICAR file past the scanner will do the trick.
With numerous complaints in the tech support forum, I thought I would investigate further having already positively reviewed the security suite for PC Pro magazine. During the extensive testing that is part of the review process none of the problems being reported manifested themselves, leading me to believe that this is one of those ‘hits some users and not others’ problems that seem to curse security software developers. Indeed, ZoneAlarm once had a terrible reputation for causing problems with different set-ups, and went through a period many years ago where serious security reviewers refused to recommend it as a direct result. However, in more recent years Check Point has managed to put a lid on such problems and ZoneAlarm deservedly sits at the top of the software firewall and security suite tree as far as many publications, users and the market is concerned.
Certainly the mailboxes and telephone answering machines as the PC Pro office have been deadly quiet on the matter, and if there was a widespread problem it would usually mean the exact opposite. To date there has been a single email from one reader who was affected. Anyway, I needed to get to the bottom of this and so using a combination of my ‘IT Security Journalist of the Year’ ‘Contributing Editor PC Pro’ and ‘Staff Blogger at DaniWeb’ hats I managed to get an official comment from Check Point regarding the issue.
“There was a bug that was affecting some users. It has been fixed in the new version, expected to be released this week."
So, should you be worried? Well, the answer is obviously yes if you have recently upgraded to the version 7 suite as your PC might be unprotected on the AV front. The easiest way to find out is to head over to EICAR and run a dummy virus file test. If your installation of ZoneAlarm does not catch the dummy file, then your AV module is corrupt and you should install a standalone scanner as an interim measure – there are plenty of free ones to choose from, just go Google. If it does catch the file, your installation is OK. Either way Check Point assure me that the upgrade will fix the problem for those who are affected, and fix it by the end of the week…