Think you have a false positive on this rule?

Sid 1-49167

Message

BROWSER-IE Microsoft Edge variable length manipulation type confusion attempt

Summary

This event is generated when malicious crafted JavaScript designed to exploit Microsoft Edge browser is detected.

Impact

Attempted User Privilege Gain

Detailed information

A type confusion vulnerability exists in Microsoft Edge browser. The vulnerability can be exploited to achieve remote code execution.

Affected systems

Ease of attack

False positives

None known

False negatives

None known

Corrective action

Please follow corporate patching and update procedures.

Contributors

  • Cisco Talos Intelligence Group

Additional References

  • portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0655