OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt
This event is generated when an attempt to corrupt the memory of a Windows Kernel driver is performed via a malicious printer driver
Local Privilege Escalation
The Windows Win32k.sys kernel driver is vulnerable to a memory corruption error that could lead to a local privilege escalation. By creating a malicious user-mode printer driver an attacker is able to corrupt the memory of the Windows system and obtain privileges that they should otherwise not have.
Medium
Apply patch and system updates.
©2019 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
Privacy Policy | Snort License | FAQ | Sitemap
