Check Point response to: KHOBE – 8.0 earthquake for Windows desktop security software

Symptoms has published a new technique for evading OS firewall protections.
The attack is described in and in


A race condition attack that evades access control checks by substituting system call arguments.


  • ZoneAlarm Extreme Security 9.1.507.000 was reported to be vulnerable. However, ZoneAlarm has a protection against this type of attack.
  • To enable this protection ("Off" by Default), proceed as follows:
  • Launch the ZoneAlarm extreme Security GUI.
  • Select the "Program Control" menu item.
  • Under "Program Control", click "Custom". The "Custom Program Control Settings" popup appears.
  • Access the "Program Control" tab, and select "Advanced Control".
  • Select "Enable Timing Attack Prevention".
Have more questions? Submit a request


Article is closed for comments.
Trusted by nearly 100 Million users worldwide