Elastic Windows Event Explorer


Publisher - Microsoft-Windows-CodeIntegrity

Event ID 3073

Message:

Code Integrity determined that the kernel module %{FileNameBuffer} is not compatible with strict mode hypervisor enforcement due to it having an executable section that is also writable.

Event Data:

#  Name            In Type            Out Type
1  FileNameLength  win:UInt16         xs:unsignedShort
2  FileNameBuffer  win:UnicodeString  xs:string

Observed Windows Versions:

Version: 0

Fingerprint: L43N4ZCL3ZWIM