OS-WINDOWS -- Snort has detected traffic targeting vulnerabilities in a Windows-based operating system. This does not include browser traffic or other software on the OS, but attacks against the OS itself.
OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt
This event is generated when an attempt to corrupt the memory of a Windows Kernel driver is performed via a malicious printer driver Impact: Local Privilege Escalation Details: The Windows Win32k.sys kernel driver is vulnerable to a memory corruption error that could lead to a local privilege escalation. By creating a malicious user-mode printer driver an attacker is able to corrupt the memory of the Windows system and obtain privileges that they should otherwise not have. Ease of Attack: Medium
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2019-1393 |
Loading description
|