OS-WINDOWS Microsoft Windows SMB named pipe buffer overflow attempt
This event is generated when an attacker attempts to exploit a buffer overflow vulnerability in Microsoft Window's SMB implementation.
Attempted User Privilege Gain
This rule checks for attempts to exploit a buffer overflow vulnerability in Microsoft Window's SMB implementation.
Ease of attack
- Cisco Talos Intelligence Group