Zscaler Protects Customers from Zero-Day Microsoft DirectShow Vulnerability

San Jose, California, July 7, 2009

Zscaler, Inc., the market leader in cloud-delivered multi-tenant Security as a Service (SaaS), today announced that within hours of receiving notification of a critical vulnerability in Microsoft operating systems, protections have been deployed to mitigate the threat. With Zscaler’s cloud-delivered security service, customers were immediately and transparently protected from the Microsoft DirectShow framework vulnerability, without needing to take any action on their own, such as deploying a patch on each appliance or every end-user computer.

Through its partnership with Microsoft, Zscaler is provided advanced notification and information about new vulnerabilities. Although a software patch is not yet available from Microsoft to fix the new vulnerability and may not be for several days, Microsoft has issued a public advisory regarding the ActiveX vulnerability as it is being actively exploited via ‘drive by download’ attacks from infected Web sites. Microsoft has additionally provided details of a workaround to protect users, however this requires making changes to the registry settings on each individual PC or laptop.

“With the high-speed, real-time inspection capabilities of the Zscaler infrastructure, we were able to quickly deploy countermeasures to protect our customers,” said Michael Sutton, vice president Security Research, Zscaler. “While it could take days for enterprises to implement a manual workaround on end-user machines, a SaaS service permits seamless deployment of protections from Web-based threats without any intervention required by our customers.”

For more information on the Microsoft DirectShow vulnerability, please visit http://www.microsoft.com/technet/security/advisory/972890.mspx

About Zscaler

Zscaler is revolutionizing Internet security with the industry’s first Security as a Service platform. As the most innovative firm in the $35 billion security market, Zscaler is used by more than 5,000 leading organizations, including 50 of the Fortune 500. Zscaler ensures that more than 15 million users worldwide are protected against cyber attacks and data breaches while staying fully compliant with corporate and regulatory policies.

Zscaler is a Gartner Magic Quadrant leader for Secure Web Gateways and delivers a safe and productive Internet experience for every user, from any device and from any location — 100% in the cloud. With its multi-tenant, distributed cloud security platform, Zscaler effectively moves security into the internet backbone, operating in more than 100 data centers around the world and enabling organizations to fully leverage the promise of cloud and mobile computing with unparalleled and uncompromising protection and performance. Zscaler delivers unified, carrier-grade internet security, next generation firewall, web security, sandboxing/advanced persistent threat (APT) protection, data loss prevention, SSL inspection, traffic shaping, policy management and threat intelligence—all without the need for on-premise hardware, appliances or software. To learn more, visit us at www.zscaler.com.

Additional Resources:

Media Contacts:

Whitney Black 
Director of Communications