Zscaler Deploys Protections for Internet Explorer Zero-Day Vulnerability




San Jose, California, January 14, 2010


Zscaler, Inc., the market leader in cloud-delivered multi-tenant Security as a Service (SaaS), announced that it has globally deployed protections to combat a zero-day vulnerability in Microsoft Internet Explorer. The vulnerability (CVE-2010-0249) affects all currently supported versions of Internet Explorer and has been tied to recent high profile, targeted attacks

Numerous reports suggest that this vulnerability was used in recently publicized attacks on Google, Adobe, and others. A patch is not yet available for this issue. Moreover, suggested workarounds can be cumbersome to implement and will restrict features on legitimate websites. Zscaler was notified of the exploit through the Microsoft MAPPs program, through which Microsoft shares data with trusted partners.

“Targeted, web based attacks can be a powerful tool for criminals,” said Michael Sutton, vice president Security Research, Zscaler. “Zero-day attacks that impact popular software such as Internet Explorer impact virtually every organization. When vulnerabilities such as these emerge, rapid deployment of protections is absolutely critical.” According to Sutton, Zscaler was able to push protections to all Zscaler Enforcement nodes within hours of receiving exploit details from Microsoft.


About Zscaler

Zscaler (NASDAQ: ZS) enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud-first world. Its flagship services, Zscaler Internet Access™ and Zscaler Private Access™, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100 percent cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances are unable to match. Used in more than 185 countries, Zscaler operates a multi-tenant distributed cloud security platform, protecting thousands of customers from cyberattacks and data loss. Learn more at zscaler.com or follow us on Twitter @zscaler.

Zscaler™, Zscaler Internet Access™, and Zscaler Private Access™, ZIA™ and ZPA™ are either (i) registered trademarks or service marks or (ii) trademarks or service marks of Zscaler, Inc. in the United States and/or other countries. Any other trademarks are the properties of their respective owners.

Additional Resources:

Media Contacts:

Tom Stilwell
Vice President, Global Communications
[email protected]