Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This query was originally published in the threat analytics report, ALPC local privilege elevation. Windows ALPC Elevation of Privilege Vulnerability, CVE-2018-8440, could be exploited to run arbitrary code or to gain access to protected directories and areas of the operating system. This vulnerability was patched in the September 2018 Security Update. The following query checks for potential activity related to this vulnerability over the past 7 days. If you wish to check another time period, u
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | 8f26a2c6-4c60-469c-ac7a-f4d1ccccab9f |
| Tactics | Privilege escalation |
| Required Connectors | MicrosoftThreatProtection |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
DeviceFileEvents |
✓ | ✗ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊