Posted on: Thu, 06 Nov 2025 23:25:03 UTC
Impact Start Time: Thu, 06 Nov 2025 20:13:00 UTC
Impact Remediated: Fri, 07 Nov 2025 00:30:00 UTC
ZDP Endpoint – BSOD Issue
Customer Impact: Preliminary observations indicate that Windows endpoints running ZDP Endpoint v25.10.0.16 may encounter unexpected system crashes (BSOD).
Available Workaround: To reduce exposure while our teams finalize a fix, customers are advised to temporarily disable Zscaler Data Protection (Endpoint) on affected devices running this specific version.
Services affected: Security
Status: Monitoring
Event Type: Service Degradation

Zscaler is aware of an issue impacting Zscaler Data Protection (Endpoint). Devices running ZDP Endpoint version 25.10.0.16 may experience unexpected system crashes (Blue Screen / BSOD). We are continuing further analysis to refine the specific behavior characteristics and triggering conditions. Further rollout of this build has been halted pending root cause confirmation. Customers who are not on this specific endpoint version are not impacted.

For additional detail, customers may refer to updates in the Zscaler Customer Support Portal (CSP) under Service Status. Status changes and updates will be posted there as they become available.

Incident Status: Monitoring

Update - Fri, 07 Nov 2025 00:55:56 UTC

Zscaler has developed a fix addressing this issue. The updated build has completed validation and testing, and no further BSOD behavior has been observed. Live testing with an affected customer was also successful. We are now proceeding to enable this updated fix across the impacted customer base to restore full service stability. To install the ZDP Endpoint component on devices, Zscaler Data Protection (Endpoint) must be enabled in the Zscaler Client Connector (ZCC) App Profile configuration within the Zscaler Admin Portal. We will actively monitor rollout and service stability throughout deployment.

Update - Fri, 07 Nov 2025 17:43:10 UTC

The updated build ZDP 25.10.0.20 containing the fix has been released and enabled on the zscaler.net and zscalertwo.net clouds. Zscaler telemetry confirms that Global DLP Endpoint devices are successfully receiving the updated version. 

If Zscaler Data Protection (Endpoint) was previously disabled as part of the mitigation guidance, we recommend re-enabling the ZDP Endpoint installation within the Zscaler Client Connector (ZCC) App Profile under Data Protection > Install Endpoint ZDP to ensure the updated build is applied. Zscaler continues to monitor rollout and service stability, and any material changes or updates will be communicated.