
Summary
This detection rule identifies a User Account Control (UAC) bypass that abuses Windows Media Player's osksupport.dll, by looking for the registry artefact the technique leaves behind rather than for the DLL itself. The Program Compatibility Assistant records, under the AppCompatFlags\Compatibility Assistant Store key, one value per executable it has evaluated, named after that executable's full path and stored as binary data. The key indicator is therefore a registry value-set event whose target object is the Store entry for the executable path this bypass launches from the Windows Media Player directory, with a binary-data value. Attackers use this class of technique to run code at high integrity without the consent prompt that the configured UAC level would otherwise require; it maps to MITRE ATT&CK T1548.002, Abuse Elevation Control Mechanism: Bypass User Account Control, which sits under both Privilege Escalation and Defense Evasion. Because the Store key also accumulates entries for legitimately run programs, the match must be on the specific executable path rather than on the key alone, and a hit is best confirmed against process-creation and file-write telemetry involving osksupport.dll and the Windows Media Player directory.
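The rule's matching logic applied to constructed Sysmon-style registry value-set events, as an added example rather than the rule's own query. The field names (EventID 13, TargetObject, Details), the Store key path under AppCompatFlags, and osk.exe under the Windows Media Player directory as the tracked executable are assumptions not stated above; the pattern also accepts any drive letter, which generalises a fixed C:\Program Files match.

```python
"""Detection logic for the Windows Media Player osksupport.dll UAC bypass,
run over constructed Sysmon-style registry SetValue events (Event ID 13).
Added example, not the rule's own query. Assumptions: Sysmon field names,
the PCA Store key path under AppCompatFlags, and osk.exe under the Windows
Media Player directory as the executable path the bypass leaves in the Store."""
import re

# Assumed target-object pattern: the PCA Store entry for osk.exe launched from
# the Windows Media Player directory. The drive letter is left variable so a
# non-default system drive does not evade the match (a generalisation of a
# fixed "C:\Program Files" suffix).
STORE_ENTRY_RE = re.compile(
    r"\\AppCompatFlags\\Compatibility Assistant\\Store\\"
    r"[A-Za-z]:\\Program Files\\Windows Media Player\\osk\.exe$",
    re.IGNORECASE,
)

# Sysmon reports a REG_BINARY value in the Details field as the literal
# string "Binary Data".
BINARY_DETAILS = "Binary Data"


def is_wmp_uac_bypass_event(event: dict) -> bool:
    """True if a registry value-set event matches the rule's pattern:
    the PCA Store value for the bypass executable, written as binary data."""
    if event.get("EventID") != 13:  # Sysmon RegistryEvent (Value Set)
        return False
    target = event.get("TargetObject", "")
    details = event.get("Details", "")
    return bool(STORE_ENTRY_RE.search(target)) and details == BINARY_DETAILS


def find_matches(events):
    """Return the events that trigger the rule, preserving input order."""
    return [e for e in events if is_wmp_uac_bypass_event(e)]


# Constructed sample events (not captured from a real host). The PCA service
# runs inside svchost.exe, so that is used as the writing Image throughout.
_STORE = (r"HKU\S-1-5-21-1111-2222-3333-1001\SOFTWARE\Microsoft\Windows NT"
          r"\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store")
SAMPLE_EVENTS = [
    # Benign: PCA tracked an ordinary program; same key, different executable.
    {"EventID": 13, "Image": r"C:\Windows\System32\svchost.exe",
     "TargetObject": _STORE + r"\C:\Program Files\7-Zip\7zFM.exe",
     "Details": BINARY_DETAILS},
    # Match: Store entry for osk.exe inside the Windows Media Player directory.
    {"EventID": 13, "Image": r"C:\Windows\System32\svchost.exe",
     "TargetObject": _STORE + r"\C:\Program Files\Windows Media Player\osk.exe",
     "Details": BINARY_DETAILS},
    # Match on a non-default system drive (caught by the generalised pattern).
    {"EventID": 13, "Image": r"C:\Windows\System32\svchost.exe",
     "TargetObject": _STORE + r"\D:\Program Files\Windows Media Player\osk.exe",
     "Details": BINARY_DETAILS},
    # Not a match: right value path, but not binary data.
    {"EventID": 13, "Image": r"C:\Windows\System32\svchost.exe",
     "TargetObject": _STORE + r"\C:\Program Files\Windows Media Player\osk.exe",
     "Details": "DWORD (0x00000001)"},
    # Not a match: key creation (Event ID 12) rather than a value set.
    {"EventID": 12, "Image": r"C:\Windows\System32\svchost.exe",
     "TargetObject": _STORE + r"\C:\Program Files\Windows Media Player\osk.exe",
     "Details": ""},
]

if __name__ == "__main__":
    for hit in find_matches(SAMPLE_EVENTS):
        print("UAC bypass indicator:", hit["TargetObject"])
```

The benign 7-Zip entry is the reason the match is anchored on the full executable path: the Store key fills up with entries for every program the Compatibility Assistant has looked at, so keying on the key alone would page an analyst on ordinary software installs. In a SIEM the same logic is a suffix or regex match on the target-object field combined with an equality check on the value type.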
Categories
- Windows
- Endpoint
Data Sources
- Windows Registry
Created: 2021-08-23