Windows 'MiniPlasma' Exploit: SYSTEM Access, Proof-of-Concept Public

A new Windows flaw, dubbed 'MiniPlasma,' is out there. It lets attackers snag SYSTEM-level access even on fully patched machines. Cybersecurity researcher Chaotic Eclipse just dropped the exploit publicly. It zeros in on a bug in the Windows Cloud Filter driver, specifically the 'HsmOsBlockPlaceholderAccess' routine. Here's the kicker: James Forshaw of Google Project Zero first reported this vulnerability back in 2020. It was supposedly patched. But it's back.

A Scar Reopened

This MiniPlasma exploit? It points to a worrying lapse in Microsoft's patch management. Chaotic Eclipse says the 2020 issue, CVE-2020-17103, still works. Microsoft claimed a fix in December 2020. Yet BleepingComputer and other security pros confirm the exploit runs just fine on the latest Windows 11 updates.

It lets attackers create arbitrary registry keys, totally bypassing access checks. Think about that. This can bump a regular user's privileges straight up to SYSTEM level. Pretty big security risk, wouldn't you say?

Not Their First Rodeo

This isn't Chaotic Eclipse's first rodeo. The researcher has dropped a series of zero-day vulnerabilities. It's a protest, actually, against how Microsoft handles bug bounties and vulnerability disclosures. Some of these, like BlueHammer, RedSun, and UnDefend, have even been actively exploited after they went public.

• BlueHammer: A local privilege escalation flaw.
• RedSun: Another escalation bug. Microsoft, for its part, patched this one quietly.
• UnDefend: A tool to hit Windows Defender with a Denial of Service attack.

Europe's Stake

Europe's cybersecurity scene? It's feeling this keenly. Windows platforms are everywhere, across pretty much every industry. And GDPR? That adds another layer of pain. Data breaches from these kinds of flaws could mean hefty fines. Remember when software giants faced huge scrutiny and penalties over security oversights? Yeah, like that.

So, What Now?

For you, the user, or you, the IT admin? This exploit means you need to be on your toes. Vigilance. Proactive security. Update your systems. Get extra security tools. Seriously. It's about mitigating those potential risks. And keep an eye on Microsoft. See what they do about patches.

The Big Questions

• Microsoft hasn't said a word about MiniPlasma. Not officially, anyway.
• No one knows if a new patch is coming. Or when.
• How much is this actually being exploited out there? Pure speculation right now.

Why It Matters

The MiniPlasma exploit? It really chips away at trust in Microsoft's patching. A vulnerability that was supposedly fixed, now back again. Doesn't exactly inspire confidence in their security processes, does it? Threats keep evolving. Microsoft needs solid, transparent patch management. It's about user trust. It's about data integrity. Simple as that.