OS-WINDOWS Microsoft Data Sharing dssvc.dll arbitrary file deletion attempt
This event is generated when an executable designed to delete arbitrary files traverses the network.
Attempted Administrator Privilege Gain
Microsoft Windows 10 Microsoft Data Sharing has a bug that allows for arbitrary deletion of files without having to impersonate admin.
- Windows 10, Windows Server 2016, Windows Server 2019.
Ease of attack
- Cisco's Talos Intelligence Group