Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Exploit Released for Unpatched Windows Vulnerability

Exploit Released for Unpatched Windows Vulnerability

Posted on May 18, 2026 By CWS

A cybersecurity researcher has unveiled an exploit aimed at a Windows vulnerability first identified in 2020, raising concerns that it remains unpatched. The flaw, known as CVE-2020-17103, has a CVSS score of 7.0 and involves a privilege escalation issue within the Windows Cloud Filter driver.

Background on the Vulnerability

Google’s Project Zero researchers initially reported this vulnerability, prompting Microsoft to issue fixes as part of its December 2020 Patch Tuesday updates. The vulnerability allows for registry key manipulation through an undocumented API within the Windows Cloud Filter driver. This can potentially enable an attacker to escalate privileges and execute system code.

The exploit, dubbed MiniPlasma, was recently released by a researcher known as Chaotic Eclipse and Nightmare Eclipse. This exploit takes advantage of the security flaw to generate a System shell, indicating that the issue may not have been adequately patched or that previous fixes were reversed.

Researcher’s Findings and Concerns

According to Chaotic Eclipse, the proof-of-concept code initially provided by Project Zero remains effective, suggesting that the vulnerability persists unpatched. The researcher has also released exploits for other vulnerabilities in Microsoft products, expressing dissatisfaction with Microsoft’s handling of vulnerability disclosures.

Senior principal vulnerability analyst at Tharros Labs, Will Dormann, confirmed that MiniPlasma functions on Windows 11 systems with the May 2026 updates installed. However, it does not seem to be effective on the latest Insider Preview Canary version of Windows 11.

Implications and Future Outlook

The release of such an exploit underscores the importance of timely and thorough patching by software vendors. With the exploit now public, systems running affected Windows versions could be at increased risk. Microsoft has been contacted for comments, but as of now, there is no response. Observers are keenly watching for any updates or further developments from the company.

This incident highlights the ongoing challenges in cybersecurity, particularly the need for proactive measures in addressing vulnerabilities. As the situation evolves, stakeholders are urged to remain vigilant and ensure all systems are up to date with the latest security patches.

Security Week News Tags:Chaotic Eclipse, CVE-2020-17103, Cybersecurity, Exploit, Microsoft, MiniPlasma, Nightmare-Eclipse, privilege escalation, Project Zero, Security, system shell, unpatched flaw, Vulnerability, Windows

Post navigation

Previous Post: Four NPM Packages Found with Malware and DDoS Bot
Next Post: AI Bug Reports Overwhelm Linux Security List

Related Posts

Oracle E-Business Suite Zero-Day Exploited in Cl0p Attacks Oracle E-Business Suite Zero-Day Exploited in Cl0p Attacks Security Week News
Google DeepMind’s New AI Agent Finds and Fixes Vulnerabilities  Google DeepMind’s New AI Agent Finds and Fixes Vulnerabilities  Security Week News
OpenAI Unveils Enhanced ChatGPT Security Feature OpenAI Unveils Enhanced ChatGPT Security Feature Security Week News
Urgent Patch Needed for Critical Citrix NetScaler Vulnerability Urgent Patch Needed for Critical Citrix NetScaler Vulnerability Security Week News
Beyond the Black Box: Building Trust and Governance in the Age of AI Beyond the Black Box: Building Trust and Governance in the Age of AI Security Week News
TP-Link Addresses Critical Flaws in Archer Routers TP-Link Addresses Critical Flaws in Archer Routers Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Fake Installers Deploy SharkLoader Malware in Networks
  • Critical Vulnerabilities in FatFs Impact Millions of Devices
  • Hackers Exploit Blogspot and PowerShell for Data Theft
  • Critical Linux Kernel Bug Allows Unauthorized Root Access
  • Nebula’s AI-Powered Security Tool Revolutionizes Testing

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Fake Installers Deploy SharkLoader Malware in Networks
  • Critical Vulnerabilities in FatFs Impact Millions of Devices
  • Hackers Exploit Blogspot and PowerShell for Data Theft
  • Critical Linux Kernel Bug Allows Unauthorized Root Access
  • Nebula’s AI-Powered Security Tool Revolutionizes Testing

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark