diff --git a/rules/windows/builtin/code_integrity/win_codeintegrity_failed_dll_load.yml b/rules/windows/builtin/code_integrity/win_codeintegrity_failed_dll_load.yml
index 8035439fe..7afd13ddd 100644
--- a/rules/windows/builtin/code_integrity/win_codeintegrity_failed_dll_load.yml
+++ b/rules/windows/builtin/code_integrity/win_codeintegrity_failed_dll_load.yml
@@ -35,6 +35,11 @@ detection:
 ProcessNameBuffer|endswith: '\AppData\Local\Keybase\Gui\Keybase.exe'
 RequestedPolicy: 8
 ValidatedPolicy: 1
+ filter_bonjour:
+ FileNameBuffer|endswith: '\Program Files\Bonjour\mdnsNSP.dll'
+ ProcessNameBuffer|endswith: '\Windows\System32\svchost.exe'
+ RequestedPolicy: 8
+ ValidatedPolicy: 1
 condition: selection and not 1 of filter_*
 falsepositives:
 - Unknown
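Review bot: The new `filter_bonjour` matches on path suffixes only, so the exclusion covers any file whose path merely ends in `\Program Files\Bonjour\mdnsNSP.dll`, loaded by any process whose path ends in `\Windows\System32\svchost.exe`, and not just the genuine Bonjour install at the volume root. If the target backends support regex, anchoring the prefix would narrow it, e.g. `FileNameBuffer|re: '^\\Device\\HarddiskVolume\d+\\Program Files\\Bonjour\\mdnsNSP\.dll$'`; this assumes the usual `\Device\HarddiskVolumeN\` prefix in these events and should be confirmed against a sample. Failing that, a comment above the filter such as `# suffix match only: not anchored to the volume root` would at least record the gap for whoever tunes the rule. The `falsepositives` entry still reads `Unknown` although this change documents a known one. The rest of the `detection` block, including the selection and the other filters, lies outside the hunk.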