New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
A new zero-day exploit for Windows, named 'MiniPlasma', has been released, allowing attackers to gain SYSTEM privileges on fully patched systems. The exploit was published by a researcher who claims that Microsoft failed to adequately address a previously reported vulnerability. This incident is part of a series of recent disclosures by the same researcher, who is protesting Microsoft's handling of security vulnerabilities.
- ▪The 'MiniPlasma' exploit allows privilege escalation on Windows systems.
- ▪The flaw affects the 'cldflt.sys' Cloud Filter driver and was previously reported in 2020.
- ▪The researcher claims that Microsoft has not properly patched the vulnerability despite previous assurances.
Opening excerpt (first ~120 words) tap to expand
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released By Lawrence Abrams May 17, 2026 06:30 PM 4 A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed "MiniPlasma" that lets attackers gain SYSTEM privileges on fully patched Windows systems. The exploit was published by a researcher known as Chaotic Eclipse, or Nightmare Eclipse, who released both the source code and a compiled executable on GitHub after claiming that Microsoft failed to properly patch a previously reported 2020 vulnerability.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at BleepingComputer.
Discussion
0 commentsMore from BleepingComputer
