OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt
This event is generated when an attempt to corrupt the memory of a Windows Kernel driver is performed via a malicious printer driver
Local Privilege Escalation
The Windows Win32k.sys kernel driver is vulnerable to a memory corruption error that could lead to a local privilege escalation. By creating a malicious user-mode printer driver an attacker is able to corrupt the memory of the Windows system and obtain privileges that they should otherwise not have.
Ease of attack
Apply patch and system updates.
- Cisco Talos Intelligence Group