Sid 1-51449

Message

OS-WINDOWS Microsoft Windows DirectX kernel memory information leak attempt

Summary

This event is generated when an attempt is made to obtain memory information by targeting DirectX.

Impact

Unauthorized memory leak

Detailed information

A vulnerability exists in the DirectX kernel driver that allows an attacker to obtain memory information that they should not otherwise have access to.

Affected systems

  • Windows 7

Ease of attack

Medium

False positives

False negatives

Corrective action

Update or apply appropriate patches to the system

Contributors

  • Cisco Talos Intelligence Group

Additional References

  • CVE-2019-1216
  • portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1216