Rule Document 1:64652

Report a false positive

Rule Category

POLICY-OTHER --

Alert Message

POLICY-OTHER Microsoft Windows API MapUrlToZone potential security feature bypass attempt

Rule Explanation

This rule looks for a string within a file that is known to bypass a security feature in the Microsoft Windows API, MapUrlToZone.

What To Look For

This rule fires on potential attempts to bypass a security feature in the Microsoft Windows API, MapUrlToZone.

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

CVE-2025-21247

Additional Links

msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21247

Rule Vulnerability

N/A

Not Applicable

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2025-21247
 Loading description