Critical Windows 'MiniPlasma' Zero-Day Grants SYSTEM Access

"MiniPlasma" Windows vulnerability exposes systems to SYSTEM-level attacks via Cloud Filter driver, posing immediate threat until patched.

By Content Team

May 18, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

A dangerous Windows privilege escalation vulnerability called "MiniPlasma" has surfaced with public exploit code available on GitHub. Security researcher Nightmare-Eclipse released the weaponized exploit on May 13, 2026, claiming Microsoft failed to properly fix a bug originally reported by Google Project Zero in 2020.

The flaw targets Windows' Cloud Filter driver and affects all Windows versions. Attackers can exploit it from standard user accounts to gain SYSTEM-level privileges on fully patched systems. The vulnerability manipulates registry key creation through a race condition, bypassing normal access restrictions.

The exploit's GitHub repository gained over 390 stars within days, highlighting serious security community concern. Since the Cloud Filter driver handles OneDrive and other cloud storage services, the vulnerable code runs on most Windows installations. Organizations face immediate risk until Microsoft releases patches.

Source: Cybersecurity News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Cybercriminals Launch Lightning-Fast Ransomware Attacks in 24 Hours

Apr 8, 2026

Canvas Maker Pays Hackers to Delete Stolen Student Data

May 18, 2026

Qualcomm Zero-Day Exploited in Targeted Android Attacks

Mar 4, 2026

'Chilling' Hacking Network Targets Vulnerable Children for Abuse

Feb 7, 2026