OS-WINDOWS -- Snort has detected traffic targeting vulnerabilities in a Windows-based operating system. This does not include browser traffic or other software on the OS, but attacks against the OS itself. (such as?)
OS-WINDOWS Microsoft Windows Mark of the Web security feature bypass attempt
This rule looks for files known to exploit a Mark of the Web bypass vulnerability in Microsoft Windows.
This rule fires on attempts to exploit a Mark of the Web bypass in Microsoft Windows.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
Authentication Bypass
An Authentication Bypass occurs when there is a way to avoid providing user credentials to a system before performing restricted operations on said system.
CVE-2024-38217 |
Loading description
|