Sid 1-51014
Message
OS-WINDOWS Microsoft Windows privilege escalation attempt
Summary
This event is generated when a file containing a Microsoft Windows privilege escalation attempt is detected.
Impact
Attempted Administrator Privilege Gain
Detailed information
Affected systems
Ease of attack
False positives
False negatives
Corrective action
Contributors
- Cisco Talos Intelligence Group
Additional References
- CVE-2019-1173
- portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1173