Think you have a false positive on this rule?

Sid 1-44824

Message

BROWSER-IE Microsoft Internet Explorer VBScript Join out of bounds memory access attempt

Summary

This event is generated when an attempt to exploit CVE 2017-11869 is detected.

Impact

Remote code execution on the affected systems.

Detailed information

Affected systems

Ease of attack

Difficult.

False positives

None.

False negatives

None known.

Corrective action

Update to the latest version of Internet Explorer.

Contributors

  • Cisco's Talos Intelligence Group

Additional References