OS-WINDOWS Microsoft Windows gdi32 graphics adapter handling null pointer dereference attempt
This event is generated when an attacker attempts to exploit a memory corruption vulnerability in Microsoft Windows.
Attempted Administrator Privilege Gain
This rule checks for attempts to exploit a NULL pointer dereference in Microsoft Windows' gdi32 library when handling graphics adapters in kernel-land.
Ease of attack
- Cisco Talos Intelligence Group