What to Use Instead of Get-EventLog

Emin Atac gets a scary message:

When you type the following

Get-EventLog -Source Microsoft-Windows-Kernel-General -Newest 20 -LogName System -InstanceId 1 | Select -ExpandProperty Message

You get

Possible detection of CVE: 2023-01-09T09:08:23.5000000Z
Additional Information: 2023-01-08T19:56:29.1492612Z
This Event is generated when an attempt to exploit a known vulnerability (2023-01-09T09:08:23.5000000Z) is detected.
This Event is raised by a User mode process.

Read on to learn what this error message means, why it pops up, and what you can do to avoid it in the future.