OS-WINDOWS Microsoft Windows Remote Desktop client DRDYNVC use after free attempt
This event is generated when an attacker attempts to exploit a remote code execution vulnerability in the Remote Desktop client.
Attempted User Privilege Gain
This rule checks for attempts to exploit a use after free vulnerability in the Remote Desktop client's handling of Virtual Channels.
Ease of attack
- Cisco Talos Intelligence Group