locked
OneCare 2.0 on Vista Firewall 1.2.30.112 blocks Vista IE 7 KB942615 RRS feed

  • Question

  •  

    The December 2007 Security Bulletin MS07-069 updated Internet Explorer 7 with patch 942615 under Windows Vista.  After applying this patch, with all of the other December patches, OneCare BEGAN BLOCKING INTERNET EXPLORER!  Fix this with the next version of the firewall policy!

     

    Here is my suggestion to fix this issue.  All Microsoft security bulletins that patch Microsoft programs that access the Internet should be defined in the OneCare Firewall policy BEFORE or CONCURENTLY with the release of an official Microsoft patch.  After the patch is installed, the behavior defined for the program before the patch is applied should continue to be applied with the new version!  Lastly, if a patch provides significant new features or connects via the network in a manner much different that the older version of the application, it is acceptable to block access due to the new risks involved. 

     

    For example, if Microsoft releases a security patch for "Windows Live Messenger" that also uses the new fake protocol IPv8, I would like this blocked until I can evaluate the risk.  If a security patch for "Windows Live Messenger" is released that does not introduce new network connectivity, and I have allowed it in the past, the new patched version should be automatically allowed by the firewall (but this new patched version that is now allowed should be logged).  Lastly, if I had blocked the program in the past, the new patched version should also remain blocked.

     

    My system configuration:

    OneCare 2.0.2500.14

    Virus and spyware definition version: 1.23.5066.0

    Firewall policy version: 1.2.30.112

    OS Vista Ultimate x86

     

    Questions to be answered by OneCare support:

    1. Is the behavior I described reproducible, and do you consider this a bug?

    2. When will this be fixed?

    3. Has this occurred with IE or other Microsoft patches in the past?

      

    PS make the text in the screen "About Windows Live OneCare" selectable so we can copy and paste version info!

     

    PPS Are bugs in OneCare tracked via the Connect website, should I file this bug there as well?

    Friday, December 28, 2007 6:21 PM

Answers

  • The gist of your recommendation is quite sound and I would hope that the OneCare definitions are indeed updated to recognized patched Windows components by the time they are released. Of course, it is possible that you had not received the updated rules when they were deployed, before IE was patched, but I don't even know if OneCare has rules for IE in the signature/rules updates.

    I know that I am running the same OS as you and updated the afternoon of the release of the security updates and IE was not blocked by OneCare for me. And, I don't recall reading any other posts from people reporting this problem, so I suspect something else might be at play.

    You should probably contact support - 

    How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

    Unless you are in the Perpetual beta (in which case you should be reporting issues in the private newsgroup) there is no facility for bug reporting on Connect for OneCare at this time.

    -steve

    Friday, December 28, 2007 7:16 PM
    Moderator

All replies

  • The gist of your recommendation is quite sound and I would hope that the OneCare definitions are indeed updated to recognized patched Windows components by the time they are released. Of course, it is possible that you had not received the updated rules when they were deployed, before IE was patched, but I don't even know if OneCare has rules for IE in the signature/rules updates.

    I know that I am running the same OS as you and updated the afternoon of the release of the security updates and IE was not blocked by OneCare for me. And, I don't recall reading any other posts from people reporting this problem, so I suspect something else might be at play.

    You should probably contact support - 

    How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

    Unless you are in the Perpetual beta (in which case you should be reporting issues in the private newsgroup) there is no facility for bug reporting on Connect for OneCare at this time.

    -steve

    Friday, December 28, 2007 7:16 PM
    Moderator
  • I have Onecare 2.0 on Vista as well and I can't get to the internet with the Onecare Firewall turned on using Internet Explorer.  Sounds like the same problem that Steve is talking about.  What's the fix or work around? 

    Sunday, December 30, 2007 5:59 AM
  • Since the OneCare firewall should not be blocking IE and it is in your case, I recommend that you contact support to find out what is causing this.

    How to reach support - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

    If it fails to validate your subscription, select the option that you are using a trial or beta copy and you can proceed to email support without validation once you've signed in.

     

    -steve

    Monday, December 31, 2007 3:47 AM
    Moderator