San Jose, California, July 7, 2009
Zscaler, Inc., the market leader in cloud-delivered multi-tenant Security as a Service (SaaS), today announced that within hours of receiving notification of a critical vulnerability in Microsoft operating systems, protections have been deployed to mitigate the threat. With Zscaler’s cloud-delivered security service, customers were immediately and transparently protected from the Microsoft DirectShow framework vulnerability, without needing to take any action on their own, such as deploying a patch on each appliance or every end-user computer.
Through its partnership with Microsoft, Zscaler is provided advanced notification and information about new vulnerabilities. Although a software patch is not yet available from Microsoft to fix the new vulnerability and may not be for several days, Microsoft has issued a public advisory regarding the ActiveX vulnerability as it is being actively exploited via ‘drive by download’ attacks from infected Web sites. Microsoft has additionally provided details of a workaround to protect users, however this requires making changes to the registry settings on each individual PC or laptop.
“With the high-speed, real-time inspection capabilities of the Zscaler infrastructure, we were able to quickly deploy countermeasures to protect our customers,” said Michael Sutton, vice president Security Research, Zscaler. “While it could take days for enterprises to implement a manual workaround on end-user machines, a SaaS service permits seamless deployment of protections from Web-based threats without any intervention required by our customers.”
For more information on the Microsoft DirectShow vulnerability, please visit http://www.microsoft.com/technet/security/advisory/972890.mspx
Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud-first world. Its flagship services, Zscaler Internet Access and Zscaler Private Access, create fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates a massive, global cloud security platform that protects thousands of enterprises and government agencies from cyberattacks and data loss. Learn more at zscaler.com or follow us on Twitter @zscaler.
Zscaler ™, SHIFT™, ZIA™, ZPA™, Direct-to-cloud™ and The internet is the New Corporate Network™ are trademarks or registered trademarks of Zscaler, Inc. in the United States and/or other countries. All other trademarks are the property of their respective owners.
Whitney Glockner Black
Director of Communications