Zscaler Protects Customers from Zero-Day Microsoft DirectShow Vulnerability




San Jose, California, July 7, 2009


Zscaler, Inc., the market leader in cloud-delivered multi-tenant Security as a Service (SaaS), today announced that within hours of receiving notification of a critical vulnerability in Microsoft operating systems, protections have been deployed to mitigate the threat. With Zscaler’s cloud-delivered security service, customers were immediately and transparently protected from the Microsoft DirectShow framework vulnerability, without needing to take any action on their own, such as deploying a patch on each appliance or every end-user computer.

Through its partnership with Microsoft, Zscaler is provided advanced notification and information about new vulnerabilities. Although a software patch is not yet available from Microsoft to fix the new vulnerability and may not be for several days, Microsoft has issued a public advisory regarding the ActiveX vulnerability as it is being actively exploited via ‘drive by download’ attacks from infected Web sites. Microsoft has additionally provided details of a workaround to protect users, however this requires making changes to the registry settings on each individual PC or laptop.

“With the high-speed, real-time inspection capabilities of the Zscaler infrastructure, we were able to quickly deploy countermeasures to protect our customers,” said Michael Sutton, vice president Security Research, Zscaler. “While it could take days for enterprises to implement a manual workaround on end-user machines, a SaaS service permits seamless deployment of protections from Web-based threats without any intervention required by our customers.”

For more information on the Microsoft DirectShow vulnerability, please visit https://docs.microsoft.com/en-us/


About Zscaler

Zscaler (NASDAQ: ZS) enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud-first world. Its flagship services, Zscaler Internet Access™ and Zscaler Private Access™, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100 percent cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances are unable to match. Used in more than 185 countries, Zscaler operates a multi-tenant distributed cloud security platform, protecting thousands of customers from cyberattacks and data loss. Learn more at zscaler.com or follow us on Twitter @zscaler.

Zscaler™, Zscaler Internet Access™, and Zscaler Private Access™, ZIA™ and ZPA™ are either (i) registered trademarks or service marks or (ii) trademarks or service marks of Zscaler, Inc. in the United States and/or other countries. Any other trademarks are the properties of their respective owners.

Additional Resources:

Media Contacts:

Tom Stilwell
Vice President, Global Communications
[email protected]