MiniPlasma: A 'Patched' 2020 Windows Bug Is Back

MiniPlasma is a new Windows zero-day that exploits a 2020 bug Microsoft claimed to patch. It gives a standard Windows user SYSTEM privileges on fully patched Windows 11. The flaw sits in cldflt.sys, the Cloud Files driver behind OneDrive's "files on demand" feature. James Forshaw of Google Project Zero reported the same bug in 2020, and Microsoft shipped a fix that December. Researcher Chaotic Eclipse (aka Nightmare-Eclipse on GitHub) tested the original Project Zero proof-of-concept against a fully patched Windows 11 Pro running the May 2026 security updates — it still works. Per the researcher, either Microsoft never actually patched the bug or the fix got silently rolled back at some point. MiniPlasma is the sixth Windows zero-day this researcher has dropped in 2026, after BlueHammer (patched in April), RedSun, UnDefend, YellowKey (a BitLocker bypass), and GreenPlasma. They've said they're not done. Source: https://www.bleepingcomputer.com/news/microsoft/new-windows-miniplasma-zero-day-exploit-gives-system-access-poc-released/ More on cybersecurity, privacy, scams, and homelab on Hake Hardware. New shorts every weekday. #cybersecurity #windows #zeroday