MS.Windows.Wind32kfull.sys.Privilege.Elevation
Description
This indicates an attack attempt to exploit a Privilege Escalation vulnerability in Microsoft Windows.
The vulnerability is due to an error in Wind32kfull.sys driver when handling objects in memory. An attacker can exploit this to elevate their privileges on vulnerable systems.
Affected Products
Windows Vista
Windows Server 2008
Windows 7
Windows 8.1
Windows Server 2012 and Windows Server 2012 R2
Windows RT 8.1
Windows 10
Impact
Privilege Escalation: Remote attackers can leverage their privilege on the vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor
http://technet.microsoft.com/security/bulletin/MS16-018
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |