TECH NEWS

'The exact same issue that was reported to Microsoft by Google project zero is actually still present, unpatched': Chaotic Eclipse strikes again with another worrying Windows security flaw

https://cdn.mos.cms.futurecdn.net/RWhH3kdDmedMKGmAzdyrvH-2560-80.jpg
  • Researcher Chaotic Eclipse discloses new Windows 11 zero‑day affecting the Cloud Filter driver
  • MiniPlasma, originally tracked as CVE‑2020‑17103, was reported years ago but remains exploitable despite prior patch attempts
  • It is the sixth vulnerability leaked by the researcher, highlighting ongoing disputes with Microsoft’s handling of bug reports

Threat actors could escalate privileges and gain SYSTEM access on a fully patched Windows 11 device thanks to an unpatched vulnerability which allegedly should have been fixed years ago, new reports have claimed.

A researcher with the alias Chaotic Eclipse recently disclosed a Proof-of-Concept (PoC) exploit for a zero-day vulnerability they named “MiniPlasma”. In a new GitHub entry, the researcher said the bug impacts the 'cldflt.sys' Cloud Filter driver and its 'HsmOsBlockPlaceholderAccess' routine.

They said Google’s Project Zero reported the issue to Microsoftback in December 2020, who even patched it at some point in the meantime. However, for reasons unknown, the...

Copyright of this story solely belongs to techradar.com. To see the full text click HERE

Read more

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iWHjaaiE2w84/v0/1200x800.jpg

SoftBank shares fell 12% after reports that OpenAI may delay its IPO until 2027; expectations of a windfall from OpenAI's debut helped support Softbank's stock

Sponsor Posts Fast, affordable law for startups — Soxton automates startup legal so founders can move faster and sleep better. We handle incorporation, advisor, employment and commercial contracts. Join the waitlist for early access! Stop vibe coding analytics — Equals AI turns questions about your business into auditable spreadsheet models and dashboards.