Think you have a false positive on this rule?

Sid 1-49753

Message

BROWSER-IE Microsoft Internet Explorer use-after-free attempt

Summary

This event is generated when a specially crafted HTML document that is designed to exploit CVE-2019-0862 is detected.

Impact

Use-after-free exploit attempt potentially resulting in arbitrary code execution of the attacker's choosing.

Detailed information

Affected systems

  • Internet Explorer on Windows 10 and prior versions of Windows.

Ease of attack

Simple

False positives

None known

False negatives

None known

Corrective action

Isolate the affected system and remediate it in accordance with your organization's incident response policy.

Contributors

  • Cisco Talos Intelligence Group

Additional References

  • portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0862