The patch KB951748 affects ZoneAlarm products on XP & Vista - you cannot connect to the internet.
Solution is to lower to medium setting or manually configure ports in Custom/Expert.
MS and ZoneLabs are working on a fix

From The Inquirer
http://www.theinquirer.net/gb/inquirer/new...-caused-hacking

THE COMPUTER INDUSTRY has pulled together in a mad race to save the interwibble from falling into the evil clutches of hackers, which could have been caused by a recently discovered Domain Name System (DNS) flaw.
The vulnerability discovered in the DNS could have led to a serious phishing problem in which people were led to which fake websites and tricked into divulging sensitive information apparently.
The flaw was such that no matter which address users typed in to their browsers, it would still mean they could be hijacked and routed to a malicious site instead.
A security boffin for IOActive, by the name of Dan Kaminsky, was the first to stumble across the weakness six months ago "completely by accident". Kaminski noted, "I was looking at something that had nothing to do with security".
He immediately contacted industry Bigshots like the Vole, Cisco and Sun in order to get some help in fixing the problem.
"A lot of people really stepped up and showed how collaboration can protect customers" said Kaminsky who worked with 16 other boffins at Mighty-Soft's Redmond campus to come up with a fix. He also set up a web site where people can check to see if their computers are susceptible to the flaw.
The Vole released a patch in a software update package yesterday, and it's believed that automatic updating should be able to ward off the threat for the time being.
"People should be concerned but they should not be panicking," noted Kaminsky, who added, "we have bought you as much time as possible to test and apply the patch."
The technical details of the DNS problem are currently being kept pretty hush hush, in order to prevent, as far as possible, naughty hackers figuring out how to use it. But let's face it, with a challenge like that being thrown down, it might just be a matter of time.

link to the MS KB951748 download page.

http://www.microsoft.com/downloads/details...;displaylang=en

What ZA has to say

ZONEALARM SECURITY ADVISORY
Severity: High
Workaround to Sudden Loss of Internet Access Problem
Date Published : 8 July 2008
Date Last Revised : 9 July 2008
Overview : Microsoft Update KB951748 is known to cause loss of internet access for ZoneAlarm users
Impact : Sudden loss of internet access
Platforms Affected : ZoneAlarm Free, ZoneAlarm Pro, ZoneAlarm AntiVirus, ZoneAlarm Anti-Spyware, and ZoneAlarm Security Suite
Recommended Actions —
Option 1: Move Internet Zone slider to Medium
1. Navigate to the "ZoneAlarm Firewall" panel
2. Click on the "Overview" tab
3. Move the "Internet Zone" slider to medium
Option 2: Uninstall the hotfix
1. Click the "Start Menu"
2. Click "Control Panel", or click "Settings" then "Control Panel"
3. Click on "Add or Remove Programs"
4. On the top of the add/remove programs dialog box, you should see a checkbox that says "show updates". Select this checkbox
5. Scroll down until you see "Security update for Windows (KB951748)"
6. Click "Remove" to uninstall the hotfix

Contact : Check Point customers who are concerned about information contained in this advisory or have additional technical questions may reach our Technical Support team at: http://www.zonealarm.com/store/content/support/support.jsp. To report security issues with Check Point products contact security@us.checkpoint.com.

July 10, 2008 10:39 AM PDT
ZoneAlarm updated after Microsoft's DNS patch
Posted by Robert Vamosi 1 comment
On Thursday, Check Point Software Technologies released updated versions of all its ZoneAlarm products, addressing an incompatibility with a patch Microsoft released earlier this week.
The fix requires ZoneAlarm users to download the latest version, 7.0.438.000, from its site. A reboot is required to complete installation.
Since Tuesday, ZoneAlarm customers have complained that access to the Internet was denied after installing MS08-037, a patch designed by Microsoft to correct a vulnerability in both the client and server Domain Name System packages within Windows. Earlier on Tuesday, a security researcher announced a massive, multi-vendor patch release to address a fundamental flaw in DNS that could allow attackers to spoof IP addresses.
Workarounds included uninstalling MS08-037, changing ZoneAlarm's settings from high to medium, or temporarily using the Windows Firewall instead.
Check Point provided no additional comments about the cause of the outage.