OS-WINDOWS Microsoft Windows win32k NtGdiExtFloodFill memory corruption attempt
This event is generated when an attacker attempts to exploit an elevation of privilege vulnerability in Microsoft Windows.
Attempted Administrator Privilege Gain
This rule fires when an attacker attempts to exploit an elevation of privilege vulnerability in Microsoft Windows' win32k driver.
Ease of attack
- Cisco Talos Intelligence Group