Think you have a false positive on this rule?

Sid 1-47519

Message

FILE-OTHER Microsoft Graphics remote code execution attempt

Summary

This event is generated when Microsoft Graphics remote code execution attempt.

Impact

Attempted User Privilege Gain

Detailed information

Affected systems

Ease of attack

False positives

False negatives

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8344