Sid 1-45881

Message

OS-WINDOWS Microsoft Windows 10 gdi32 library integer overflow attempt

Summary

This event is generated when an integer overflow vulnerability is triggered in the gdi32 library of Microsoft Windows 10.

Impact

Attempted User Privilege Gain

Detailed information

Affected systems

Ease of attack

False positives

False negatives

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-0817