Expanding to Korea

Theori is opening its first branch office in South Korea! The official opening date is February 2017 and the office will be located at WeWork Gangnam. We have already assembled a great team in Korea and we can’t wait to...

Chakra JIT CFG Bypass

Introduction As promised in our previous blog post, we are going to take a look at a method to bypass Microsoft’s Control Flow Guard (CFG) when attacking Internet Explorer and Edge browsers. Our previous proof-of-concept exploit worked by ovewriting the...

Patch Analysis of MS16-063 (jscript9.dll)

A couple weeks ago, Microsoft released the MS16-063 security bulletin for their monthly Patch Tuesday (June 2016) security updates. It addressed vulnerabilities that affected Internet Explorer. Among other things, the patch fixes a memory corruption vulnerability in jscript9.dll related to...

Patch Analysis of CVE-2016-0189

Last month, Microsoft released the MS16-051 security bulletin for their monthly Patch Tuesday (May 2016) security updates. It addressed vulnerabilities that affected Internet Explorer, including the Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189), which was used in targeted attacks in South...

Introduction

Hello, everybody! It’s actually been a couple months since we started operating, but we’ve been busy with traveling and stuff. We are glad to finally roll our website blog where we can share our findings! For people who don’t know...