D$.Access.Attempt
Description
It indicates a potentially malicious attempt to access the default administrative share on a Microsoft Windows host.
There exist some vulnerabilities in old versions of Windows that allows attackers to gain remote access to an unprotected file system.
Affected Products
Any unprotected old versions of Windows is vulnerable to the attack.
Impact
Attackers can gain complete access to the file system of the victim machine.
Recommended Actions
Upgrade the system to the latest non-vulnerable version.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |