OS-WINDOWS Microsoft Windows Error Reporting elevation of privilege attempt
This event is generated when an attacker attempts to exploit a elevation of privilege vulnerability in Windows' Error Reporting service.
Attempted Administrator Privilege Gain
This rule checks for attempts to exploit a elevation of privilege vulnerability in Windows' Error Reporting service.
Ease of attack
- Cisco Talos Intelligence Group