Customer Spotlight: Solving BYOD For This Private School Didn’t Require Magic, Just a Fresh Approach

posted by: on November 27, 2014 8:00 AM

filed in: Customer Spotlight
tagged: ,

On this Thanksgiving day here in the United States, we wanted to highlight an atypical school that needed — and found — an atypical security solution.

If you’re a fan of the Harry Potter series, Annie Wright Schools in Tacoma, Washington, might make you think of Hogwarts: school dances in the ‘Great Hall,’ a competition for the ‘House Cup,’ and a picturesque campus with a weeping willow tree, a tower and occasionally a wild owl sighting or two. The original Annie Wright School opened its doors in 1884, and today hosts 400 local students, with about 100 boarding students from all over the world living in its dormitories.


…Continue reading

Addressing CVE-2014-6332 SWF Exploit

Continuing a recent trend in which Internet Explorer vulnerabilities are exploited using Flash, samples of an SWF purportedly used in conjunction with CVE-2014-6332 have appeared in several places. The most famous examples of this trend are the exploits for CVE-2014-0322 and CVE-2014-1776.

We have yet to encounter the SWF sample with its original exploit attached, but by looking at the SWF, it is clear that it is constructed to function with several forms of memory corruption, making the vulnerability itself less interesting. That is a great example of why our Advanced Endpoint Protection approach, which focuses on the core techniques used in attacks, works well. It will prevent uses of this SWF framework, regardless of the vulnerability it is used with.

The interesting part in this exploit is the Flash component. At first glance at the decompiled ActionScript shown here, it seems fairly straightforward, sharing much of its code with the previously seen exploits: …Continue reading

Older posts →

Get Updates
Sign up to receive the latest news, research, and reports from Unit 42.

Privacy Policy