OS-WINDOWS Microsoft Windows win32k.sys privilege escalation attempt
This event is generated when an attacker attempts to exploit a use after free vulnerability present in the win32k system driver.
Attempted Administrator Privilege Gain
Rule checks for an attempt to exploit a use after free vulnerability present in the win32k.sys driver.
Ease of attack
- Cisco's Talos Intelligence Group