Microsoft's July batch of security patches wound up breaking the functionality of the widely used ZoneAlarm Firewall, and the fault appears to reside entirely with Check Point, maker of the firewall.

On July 8 Microsoft issued a Security Bulletin, "MS08-037: Vulnerabilities in DNS could allow spoofing." The bulletin includes several updates to various system DLLs. According to some reports, the ZoneAlarm software did not adequately deal with existence of those new files.

As a result of the snafu countless Windows 2000 and XP users found themselves unable to access the Internet. The problem was especially painful for those who opt in to automatically install Microsoft patches as they become available. A few workarounds were posted to various support forums, including uninstalling the Microsoft patch when possible, or reseting ZoneAlarm by booting the system into "safe mode" and deleting specific files, or by lowering ZoneAlarm's Internet zone security to medium level.

Check Point eventually released updates to correct the problems.