Think you have a false positive on this rule?

Sid 1-47493

Message

BROWSER-IE Microsoft Edge Chakra Scripting Engine localeCompare type confusion attempt

Summary

This event is generated when a crafted HTML page designed to exploit Microsoft Edge traverses the network.

Impact

Attempted User Privilege Gain

Detailed information

A Type Confusion vulnerability has been found in Edge. Successful exploitation of this vulnerability can achieve Remote Code Execution.

Affected systems

  • Windows 10 (32-bit)

Ease of attack

False positives

None known.

False negatives

None known.

Corrective action

portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8355

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8355