Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Critical Windows Flaw Allows SYSTEM Privilege Escalation

Critical Windows Flaw Allows SYSTEM Privilege Escalation

Posted on May 18, 2026 By CWS

A newly uncovered security flaw in Windows, known as MiniPlasma, is exposing systems to potential attacks by granting SYSTEM privileges to unauthorized users. This significant vulnerability targets the ‘cldflt.sys’ component, specifically within the ‘HsmOsBlockPlaceholderAccess’ routine, and affects fully patched Windows systems. The flaw, first reported by Google Project Zero’s James Forshaw in September 2020, has resurfaced despite being previously addressed.

Unresolved Security Threat

MiniPlasma, identified by security researcher Chaotic Eclipse, sheds light on a critical oversight in Windows security. Originally believed to be patched under CVE-2020-17103 in December 2020, new findings indicate that the issue remains unresolved. Chaotic Eclipse has demonstrated the vulnerability through a proof-of-concept (PoC) exploit, raising concerns about the effectiveness of past patches.

The PoC, which successfully executes a SYSTEM shell, highlights the persistent nature of this vulnerability. Chaotic Eclipse noted the exploit’s reliability, although it operates as a race condition, meaning the success rate may vary across different setups.

Impact Across Windows Versions

The MiniPlasma vulnerability is believed to affect all versions of Windows currently in use. Security researcher Will Dormann confirmed its effectiveness on Windows 11 systems updated as of May 2026, though it appears ineffective on the latest Insider Preview Canary builds. This broad impact underscores the need for immediate attention to patch this flaw.

The revelation of MiniPlasma comes on the heels of another privilege escalation issue in the same component addressed by Microsoft in December 2025. Known as CVE-2025-62221, this flaw had a significant CVSS score of 7.8 and was actively exploited by unidentified threat actors, further emphasizing the need for robust security measures.

Outlook and Recommendations

As security experts analyze the MiniPlasma flaw, it is crucial for organizations and individuals running Windows systems to remain vigilant. Microsoft is expected to deliver a comprehensive fix to mitigate this vulnerability, but users should stay informed about updates and advisories from credible sources.

This incident highlights the ongoing challenges in cybersecurity, emphasizing the importance of continuous monitoring and timely patch management to safeguard against evolving threats.

The Hacker News Tags:Chaotic Eclipse, cldflt.sys, Cybersecurity, Google Project Zero, HsmOsBlockPlaceholderAccess, James Forshaw, Microsoft, MiniPlasma, privilege escalation, Security, system privileges, Vulnerability, Windows, zero-day vulnerability

Post navigation

Previous Post: Over 1 Million WordPress Sites Vulnerable to Avada Plugin Flaws
Next Post: Shai-Hulud Worm Clones Spark New Cybersecurity Threats

Related Posts

NIST Adjusts CVE Handling Amid Rising Submissions NIST Adjusts CVE Handling Amid Rising Submissions The Hacker News
Critical Flaw in Splunk Enterprise Enables Unauthorized Code Execution Critical Flaw in Splunk Enterprise Enables Unauthorized Code Execution The Hacker News
Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories The Hacker News
VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages The Hacker News
ZeroDayRAT Spyware Threatens Android and iOS Security ZeroDayRAT Spyware Threatens Android and iOS Security The Hacker News
[Webinar] Shadow AI Agents Multiply Fast — Learn How to Detect and Control Them [Webinar] Shadow AI Agents Multiply Fast — Learn How to Detect and Control Them The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Fake Installers Deploy SharkLoader Malware in Networks
  • Critical Vulnerabilities in FatFs Impact Millions of Devices
  • Hackers Exploit Blogspot and PowerShell for Data Theft
  • Critical Linux Kernel Bug Allows Unauthorized Root Access
  • Nebula’s AI-Powered Security Tool Revolutionizes Testing

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Fake Installers Deploy SharkLoader Malware in Networks
  • Critical Vulnerabilities in FatFs Impact Millions of Devices
  • Hackers Exploit Blogspot and PowerShell for Data Theft
  • Critical Linux Kernel Bug Allows Unauthorized Root Access
  • Nebula’s AI-Powered Security Tool Revolutionizes Testing

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark