Windows MiniPlasma Zero-Day Exploit Grants SYSTEM Access

Dubbed the miniplasma zero-day exploit, this tool bypasses existing security updates and raises urgent questions about the effectiveness of Microsoft’s patching process. Tests conducted by BleepingComputer on a system running the latest May 2026 Patch Tuesday updates confirmed the exploit works without modification, opening a command prompt with the highest Windows privileges.


Understanding the MiniPlasma Zero-Day Exploit

The miniplasma zero-day exploit targets a component of the Windows Cloud Filter driver, located in the file cldflt.sys. Specifically, it abuses the HsmOsBlockPlaceholderAccess routine — a function meant to control access to placeholder files used by cloud storage providers like OneDrive. According to Chaotic Eclipse, the exact same vulnerability was first reported to Microsoft by Google Project Zero researcher James Forshaw in September 2020. That original flaw was assigned CVE-2020-17103 and supposedly fixed in the December 2020 Patch Tuesday update.

However, the researcher now claims the patch never truly resolved the issue. After investigating the current state of cldflt.sys, Chaotic Eclipse found the vulnerable code path still present. “The original PoC by Google worked without any changes,” the researcher stated. This raises the possibility that Microsoft either failed to apply the fix correctly or that the patch was silently rolled back during a subsequent update. The miniplasma zero-day exploit is essentially a re-implementation of Forshaw’s original technique, confirming a regression or incomplete remediation.

Will Dormann, principal vulnerability analyst at Tharros, independently tested the exploit on the latest public build of Windows 11 and confirmed it successfully escalates privileges to SYSTEM. Notably, the exploit does not work on the most recent Windows 11 Insider Preview Canary build, suggesting Microsoft may have already addressed the issue in the development branch. This contrast between public and Canary versions hints that a permanent fix could arrive soon, but leaves currently deployed systems exposed in the interim.

Technical Mechanics of the Exploit

The miniplasma zero-day exploit leverages an undocumented API called CfAbortHydration, which is part of the Cloud Filter driver’s interface. Normally, this API is used to cancel a pending hydration operation (downloading the full file from the cloud). However, the driver’s implementation contains a flaw in how it handles registry key creation during this process. Forshaw’s original report explained that the vulnerability allows an attacker to create arbitrary registry keys under the .DEFAULT user hive without proper access checks. By crafting specific registry entries, a standard user account can trigger a privilege escalation that elevates the process to SYSTEM level.

The exploit works because the Cloud Filter driver runs with high integrity in kernel mode. When the flawed routine processes a specially crafted request, it fails to validate the origin of the registry operations, allowing a low-privileged user to write keys that influence system-level behavior. The miniplasma zero-day exploit demonstrates that this attack path remains viable about six years after the initial report.

How the Exploit Works in Practice

BleepingComputer tested the miniplasma zero-day exploit on a fully patched Windows 11 Pro system with all updates applied through May 2026. Using a standard user account, they executed the compiled proof-of-concept. Within seconds, a command prompt appeared with SYSTEM privileges, as indicated by the whoami command returning nt authority\system. This level of access allows an attacker to install software, modify system files, create new user accounts, and bypass most security controls.

Will Dormann replicated these results in his own lab. He noted that the exploit requires no additional dependencies or unusual conditions — it simply needs the user to run the executable from a standard account. The ease of use makes the miniplasma zero-day exploit particularly dangerous for organizations that rely on regular patching as their primary defense.

The researcher also observed that the exploit fails on the latest Windows 11 Insider Preview Canary build. This suggests Microsoft has already developed a fix, likely by modifying the HsmOsBlockPlaceholderAccess routine to properly validate registry access calls. However, the fix has not yet been backported to the stable public release, leaving a window of exposure.

The Researcher Behind the Exploit: A Pattern of Disclosures

Chaotic Eclipse, also known as Nightmare Eclipse, has been releasing Windows zero-day exploits publicly since April 2026. The miniplasma zero-day exploit is the latest in a series that includes BlueHammer (CVE-2026-33825), RedSun, UnDefend, and most recently YellowKey and GreenPlasma. BlueHammer is a local privilege escalation vulnerability that was assigned a CVE and later spotted being used in real-world attacks. RedSun was another privilege escalation flaw that Microsoft silently patched without assigning a CVE identifier. UnDefend is a denial-of-service tool targeting Windows Defender.

This month, the researcher also released YellowKey, a BitLocker bypass that works on Windows 11 and Windows Server 2022/2025. YellowKey spawns a command shell that can access unlocked drives protected by TPM-only BitLocker configurations, effectively bypassing full disk encryption when the system is booted. GreenPlasma is yet another exploit, though details remain scarce.

Chaotic Eclipse has publicly stated that they are disclosing these vulnerabilities in protest of Microsoft’s bug bounty and vulnerability-handling process. The researcher alleges that Microsoft threatened them personally: “Normally, I would go through the process of begging them to fix a bug but to summarize, I was told personally by them that they will ruin my life and they did.” These claims have not been independently verified, but they highlight deep tensions between the security research community and the vendor.

Microsoft has stated publicly that it supports coordinated vulnerability disclosure and is committed to investigating reported issues. When BleepingComputer contacted Microsoft about the miniplasma zero-day exploit, the company did not immediately respond. This silence adds to the frustration felt by researchers who believe their reports are not taken seriously.


Implications for Windows Users and IT Administrators

For IT administrators responsible for maintaining Windows environments, the miniplasma zero-day exploit represents a serious blind spot. Even systems that receive every security update remain vulnerable until Microsoft ships a fix for the public release. An attacker who gains a foothold through another vector — such as a phishing email or malicious download — can use this exploit to escalate privileges and move laterally across the network.

Consider a hypothetical scenario: a medium-sized company with 500 Windows 11 workstations, all fully patched. An employee receives a targeted email with a malicious attachment disguised as an invoice. Opening the attachment launches a dropper that runs as a standard user. If that dropper includes the miniplasma zero-day exploit, the attacker immediately gains SYSTEM access on that workstation. From there, they can deploy ransomware, steal credentials, or pivot to servers.

Small business owners who use Windows 11 are also at risk. Without dedicated security teams, they rely entirely on Windows Update to keep their systems safe. When a zero-day like miniplasma exists, those updates provide no protection. The only defense is limiting user privileges, disabling unnecessary services, and monitoring for unusual behavior.

What to Do While Waiting for a Patch

Until Microsoft releases a fix for the miniplasma zero-day exploit, organizations can take several steps to reduce risk:

  • Restrict standard user accounts. Ensure that users operate with the least privilege necessary. While the exploit can escalate from a standard user to SYSTEM, preventing initial compromise is still critical. Use application whitelisting and block execution of untrusted binaries.
  • Monitor Cloud Filter driver activity. Enable logging for driver loads and registry modifications related to cldflt.sys. Security information and event management (SIEM) systems can alert on anomalous behavior.
  • Deploy endpoint detection and response (EDR) tools. Many EDR solutions can detect privilege escalation attempts by observing process behavior, such as a low-integrity process creating a high-integrity process.
  • Consider using Windows 11 Insider Preview builds for critical systems. Since the Canary build appears immune, organizations with high security requirements might test the insider builds, though this comes with stability risks.
  • Implement Microsoft Defender for Endpoint’s attack surface reduction rules. Some rules can block process injection and credential theft, which are common after privilege escalation.

These measures are not silver bullets, but they can delay an attacker’s progress or trigger alerts before significant damage occurs.
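As an added example (it is not code from the article, from Chaotic Eclipse, or from any EDR product), the following Python script implements the detection idea in the EDR bullet above: correlate process-creation events by parent PID and alert when a Medium-integrity (standard user) process spawns a child running at SYSTEM integrity. The log lines are constructed and their field layout only loosely follows Sysmon Event ID 1 (process creation); the allow-list of parents that legitimately launch SYSTEM children is an assumption that would need tuning per environment.

```python
"""Flag a standard-user (Medium integrity) process that spawns a SYSTEM-integrity
child, the pattern an EDR would surface after a local privilege escalation.

Added example: the records below are constructed, loosely modelled on Sysmon
Event ID 1 fields (UtcTime, ProcessId, ParentProcessId, Image, User,
IntegrityLevel). They are not real telemetry."""

from dataclasses import dataclass

# Assumed allow-list: parents that legitimately create SYSTEM-level children
# (service control manager, service hosts, logon infrastructure). Tune per site.
LEGITIMATE_ELEVATION_PARENTS = {
    r"c:\windows\system32\services.exe",
    r"c:\windows\system32\svchost.exe",
    r"c:\windows\system32\wininit.exe",
    r"c:\windows\system32\winlogon.exe",
}


@dataclass(frozen=True)
class ProcessEvent:
    utc_time: str
    process_id: int
    parent_process_id: int
    image: str
    user: str
    integrity_level: str  # "Low", "Medium", "High" or "System"


def parse_event(line: str) -> ProcessEvent:
    """Parse one 'Key=Value|Key=Value' record into a ProcessEvent."""
    fields = dict(part.split("=", 1) for part in line.strip().split("|"))
    return ProcessEvent(
        utc_time=fields["UtcTime"],
        process_id=int(fields["ProcessId"]),
        parent_process_id=int(fields["ParentProcessId"]),
        image=fields["Image"],
        user=fields["User"],
        integrity_level=fields["IntegrityLevel"],
    )


def find_suspicious_elevations(events):
    """Return (parent, child) pairs where a Low/Medium integrity parent created a
    SYSTEM integrity child and the parent is not a known elevation broker."""
    by_pid = {e.process_id: e for e in events}
    hits = []
    for child in events:
        if child.integrity_level != "System":
            continue
        parent = by_pid.get(child.parent_process_id)
        if parent is None:
            continue  # parent started before the log window; cannot judge it
        if parent.integrity_level not in ("Low", "Medium"):
            continue
        if parent.image.lower() in LEGITIMATE_ELEVATION_PARENTS:
            continue
        hits.append((parent, child))
    return hits


def scan_log(text: str):
    """Parse a multi-line log and return the suspicious (parent, child) pairs."""
    events = [parse_event(line) for line in text.splitlines() if line.strip()]
    return find_suspicious_elevations(events)


def describe(hit) -> str:
    parent, child = hit
    return (f"{child.utc_time} pid {child.process_id} {child.image} as {child.user} "
            f"({child.integrity_level}) spawned by pid {parent.process_id} "
            f"{parent.image} ({parent.integrity_level}, {parent.user})")


# Constructed sample: a benign service host tree plus a user-launched binary
# that spawns a SYSTEM-level cmd.exe, mirroring the article's whoami result.
SAMPLE_LOG = """\
UtcTime=2026-05-20 10:01:03|ProcessId=4120|ParentProcessId=612|Image=C:\\Windows\\System32\\svchost.exe|User=NT AUTHORITY\\SYSTEM|IntegrityLevel=System
UtcTime=2026-05-20 10:02:10|ProcessId=5200|ParentProcessId=3980|Image=C:\\Windows\\explorer.exe|User=CORP\\alice|IntegrityLevel=Medium
UtcTime=2026-05-20 10:03:41|ProcessId=5316|ParentProcessId=5200|Image=C:\\Users\\alice\\Downloads\\invoice.exe|User=CORP\\alice|IntegrityLevel=Medium
UtcTime=2026-05-20 10:03:44|ProcessId=5372|ParentProcessId=5316|Image=C:\\Windows\\System32\\cmd.exe|User=NT AUTHORITY\\SYSTEM|IntegrityLevel=System
UtcTime=2026-05-20 10:05:00|ProcessId=5400|ParentProcessId=4120|Image=C:\\Windows\\System32\\taskhostw.exe|User=NT AUTHORITY\\SYSTEM|IntegrityLevel=System
"""

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print("ALERT:", describe(hit))
```

Run as-is, the script reports exactly one alert: the SYSTEM-level cmd.exe whose parent is the Medium-integrity invoice.exe; the svchost.exe and taskhostw.exe records are ignored because their parents are either outside the log window or already SYSTEM. The same parent-PID correlation can be applied to registry-object-creation events (Sysmon Event ID 12) to cover the article's other monitoring suggestion, alerting when a non-SYSTEM process creates keys under the .DEFAULT user hive.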

The Bigger Picture: Vulnerability Disclosure Tensions

The miniplasma zero-day exploit is not an isolated event. It reflects a growing rift between security researchers and large software vendors over how vulnerabilities are handled. Google Project Zero operates on a 90-day disclosure deadline, pressuring vendors to patch quickly. But when patches are incomplete or reverted, researchers lose trust in the process.

Chaotic Eclipse’s approach — full public disclosure without warning — is extreme, but it underscores the frustration of seeing reported flaws go unaddressed for years. The researcher’s claim that Microsoft threatened them personally, if true, would be a serious breach of the cooperative spirit that vulnerability disclosure requires. Microsoft has not responded to these allegations, but the company’s general policy favors coordinated disclosure.

For the average Windows user, these behind-the-scenes conflicts are invisible until a working exploit appears. The miniplasma zero-day exploit is a concrete reminder that patching alone is not enough. A robust security posture requires defense-in-depth: multiple layers of protection, active monitoring, and a willingness to question whether updates truly fix what they claim to fix.

Until Microsoft ships a permanent solution for the Cloud Filter driver flaw, the miniplasma zero-day exploit remains a viable threat. Anyone running a fully patched Windows 11 system should stay alert for updates and consider the protective measures outlined above. The security community will be watching closely to see whether this disclosure prompts a responsible fix or another round of public disclosures.
