Zscaler Defends Against Zero Day Vulnerability in Internet Explorer 6/7:
Posted on: Tuesday, 24 November 2009, 13:24 CST
SUNNYVALE, Calif., Nov. 24 /PRNewswire/ -- Zscaler, Inc., the market leader in cloud-delivered multi-tenant Security as a Service (SaaS), today announced that it has deployed protections to protect customers against a new zero-day threat that affects Internet Explorer 6 & 7. Zscaler was able to deploy initial protections shortly after exploit code was first released and continues to update the protections as additional details become available through the Microsoft Active Protections Program, which Zscaler participates in.
Microsoft has released a security advisory (Microsoft Security Advisory 977981), warning of the threat, which can be triggered by a malformed Cascading Style Sheet (CSS). In the advisory, Microsoft has stated that a patch is not yet available but that they are monitoring the situation closely. CVE-2009-3762 has been reserved for this issue.
"Internet Explorer, versions 6 & 7 account for approximately 41% of web browsers in use today, so this vulnerability will be an enticing one for attackers," said Michael Sutton, vice president Security Research, Zscaler. "Attacks such as these are also prime candidates for targeting otherwise legitimate websites as an attack vector. The exploit can be triggered simply via HTML code, so attackers can inject code into websites with weak security protections." According to Sutton, Zscaler is continually monitoring for exploitation leveraging this attack vector by actively monitoring the traffic of Zscaler customers.
About Zscaler
Through a multi-tenant, globally-deployed infrastructure, Zscaler enforces business policy, mitigates risk, and provides twice the functionality at a fraction of the cost of current solutions. It enables organizations to provide the right access to the right users, from any place and on any device - while empowering the end-user with a rich Internet experience. For more information, visit us at www.zscaler.com.
Press Contacts: Paula Dunne, Contos Dunne Communications Office: +1-408-776-1400, Mobile: +1-408-893-8750 paula@contosdunne.comZscalerTM, and the Zscaler Logo are trademarks of Zscaler, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.
SOURCE Zscaler
Source: PR Newswire
Related Articles
- Zscaler Partners With Microsoft to Provide Superior Security Protections
- Info Security Products Guide Names Verizon Internet Security Suite Winner of the 2009 Global Excellence Award for Best Internet Security Solution
- IPOWER Applications Announces New Child Internet Monitoring Portal and Software Applications
- Double-Take(R) Software Delivers Upcoming Webinar on Protecting Microsoft(R) SharePoint(R) Services
- Kaspersky Lab Introduces Kaspersky Security for Microsoft Exchange Server 2007
- EarthLink's New Online Security Center Helps Safeguard Consumer Internet Experience
- FaceTime Delivers Total Security and Control for Enterprise Internet Use
- CORRECTING and REPLACING BitDefender Unveils Next Generation Security Products; Newest Version of Internet Security and Antivirus Products Offers Consumers and SMBs the Industry's Most Powerful, Easy to Use Solutions for Security and Data Protection
- SonicWALL Vulnerability Team Acts at Lightning Speed to Secure Users Against Remote Code Execution Hole in Internet Explorer
- T-Online Uses Microsoft for French Internet TV
User Comments (0)
RSS Feeds