Zscaler Deploys Protections for Internet Explorer Zero-Day Vulnerability

San Jose, California, January 14, 2010

Zscaler, Inc., the market leader in cloud-delivered multi-tenant Security as a Service (SaaS), announced that it has globally deployed protections to combat a zero-day vulnerability in Microsoft Internet Explorer. The vulnerability (CVE-2010-0249) affects all currently supported versions of Internet Explorer and has been tied to recent high profile, targeted attacks

Numerous reports suggest that this vulnerability was used in recently publicized attacks on Google, Adobe, and others. A patch is not yet available for this issue. Moreover, suggested workarounds can be cumbersome to implement and will restrict features on legitimate websites. Zscaler was notified of the exploit through the Microsoft MAPPs program, through which Microsoft shares data with trusted partners.

“Targeted, web based attacks can be a powerful tool for criminals,” said Michael Sutton, vice president Security Research, Zscaler. “Zero-day attacks that impact popular software such as Internet Explorer impact virtually every organization. When vulnerabilities such as these emerge, rapid deployment of protections is absolutely critical.” According to Sutton, Zscaler was able to push protections to all Zscaler Enforcement nodes within hours of receiving exploit details from Microsoft.

About Zscaler

Zscaler is revolutionizing Internet security with the industry’s first Security as a Service platform. As the most innovative firm in the $35 billion security market, Zscaler is used by more than 5,000 leading organizations, including 50 of the Fortune 500. Zscaler ensures that more than 15 million users worldwide are protected against cyber attacks and data breaches while staying fully compliant with corporate and regulatory policies.

Zscaler is a Gartner Magic Quadrant leader for Secure Web Gateways and delivers a safe and productive Internet experience for every user, from any device and from any location — 100% in the cloud. With its multi-tenant, distributed cloud security platform, Zscaler effectively moves security into the internet backbone, operating in more than 100 data centers around the world and enabling organizations to fully leverage the promise of cloud and mobile computing with unparalleled and uncompromising protection and performance. Zscaler delivers unified, carrier-grade internet security, next generation firewall, web security, sandboxing/advanced persistent threat (APT) protection, data loss prevention, SSL inspection, traffic shaping, policy management and threat intelligence—all without the need for on-premise hardware, appliances or software. To learn more, visit us at www.zscaler.com.

Additional Resources:

Media Contacts:

Whitney Black 
Director of Communications