KillBait - News highlights delivered clearly and responsibly—no clickbait, no sensationalism
Proof-of-Concept Shows Windows MiniPlasma Zero-Day Still Exploitable
Photo: slashdot.org
2026-05-19 06:10   Technology   12

Proof-of-Concept Shows Windows MiniPlasma Zero-Day Still Exploitable

A new Windows zero-day vulnerability, dubbed 'MiniPlasma', has been demonstrated to still grant SYSTEM privileges even on fully patched Windows 11 systems.

The vulnerability was originally reported by Google Project Zero in 2020 under CVE-2020-17103 and was supposedly patched by Microsoft in December 2020.However, a security researcher known as Chaotic Eclipse has released a proof-of-concept (PoC) showing that the flaw remains exploitable.Tests confirmed that running the PoC from a standard user account opens a command prompt with SYSTEM-level access.The exploit leverages the Windows Cloud Filter driver and an undocumented CfAbortHydration API, allowing arbitrary registry key creation in the .DEFAULT user hive without proper access checks.While the flaw has been verified on current public Windows 11 builds, it does not appear in the latest Insider Preview Canary build.

Security experts note that this incident highlights ongoing concerns about patch reliability and the potential risks of zero-day vulnerabilities, even years after they are reported.The PoC has been tested by multiple analysts, confirming its effectiveness, raising questions about long-term security management in Windows systems.

Full reading at slashdot.org

 dog
2224 
Top Trends
Topics
Top visited