A Zeek package to detect CVE-2021-42292, a Microsoft Excel local privilege escalation exploit.
CVE-2021-42292 This package will detect exploits of CVE-2021-42292, a Microsoft Excel local privilege escalation vulnerability, and generate a notice in noticelog for it corelightcom/blog/detecting-cve-2021-42292 Detection Method: This package detects the vulnerability when the triggering Excel spreadsheet downloads a second spreadsheet The second spreadsheet is exe