Ethical Hacking News
A critical Windows zero-day vulnerability known as MiniPlasma has been discovered by Chaotic Eclipse, a pseudonymous security researcher. This flaw can compromise systems running on Windows 11 and Server 2022/2025 with SYSTEM privileges, highlighting significant concerns about Microsoft's patching process. The discovery raises questions about the reliability of patches over time and challenges traditional responsible disclosure practices in the security community.
Pierluigi Paganini has disclosed two critical Windows zero-day vulnerabilities, MiniPlasma and GreenPlasma. These flaws can compromise systems running on Windows 11, Server 2022/2025, with SYSTEM privileges. The initial discovery of MiniPlasma was attributed to James Forshaw in September 2020. Chaotic Eclipse discovered that the patching process may have inadvertently introduced new issues, causing the vulnerability to remain present. A related issue known as GreenPlasma targets the Windows Collaborative Translation Framework – the CTFMON subsystem. Chaotic Eclipse's approach to disclosure is noteworthy, publishing working exploit code instead of following standard coordinated disclosure timelines.
Pierluigi Paganini, a prominent security researcher, has recently disclosed two critical Windows zero-day vulnerabilities known as MiniPlasma and GreenPlasma. These flaws, discovered by Chaotic Eclipse, a pseudonymous researcher, have the potential to compromise systems running on Windows 11, Server 2022/2025, with SYSTEM privileges.
The initial discovery of MiniPlasma was attributed to James Forshaw, a Google Project Zero researcher, in September 2020. Forshaw reported the vulnerability to Microsoft, which ultimately patched it as CVE-2020-17103. However, Chaotic Eclipse discovered that the patching process may have inadvertently introduced new issues, causing the vulnerability to remain present.
Further investigation revealed that MiniPlasma can be exploited using a proof-of-concept code published by Forshaw. The researcher also reported that this exploit works consistently across their test environments but noted potential reliability concerns due to its race-condition nature.
MiniPlasma has significant implications for security researchers and vendors alike, particularly those involved in patch management processes. Microsoft's response to the initial discovery of CVE-2020-17103 was swift and effective, but Chaotic Eclipse's findings raise questions about the reliability of these patches over time.
Additionally, the researcher discovered a related issue known as GreenPlasma, which targets the Windows Collaborative Translation Framework – the CTFMON subsystem. This vulnerability enables privilege escalation on Windows 11 and Server 2022/2026 by creating arbitrary memory section objects within directories writable by SYSTEM.
Chaotic Eclipse's approach to disclosure is noteworthy, as it challenges traditional responsible disclosure practices. The researcher published working exploit code instead of following standard coordinated disclosure timelines, which may put users at risk before patches are ready. However, this method can also pressure companies into fixing issues faster.
The MiniPlasma situation highlights the ongoing debate in the security community about the effectiveness of patching processes and vendor accountability. While some researchers prioritize traditional reporting channels, others choose to publish findings directly, often taking a more confrontational approach. This divide has significant implications for users and vendors alike, who must weigh the benefits of rapid vulnerability disclosure against the potential risks associated with publicly available exploit code.
In conclusion, Chaotic Eclipse's MiniPlasma zero-day disclosures underscore the importance of rigorous testing and verification in patch management processes. As researchers continue to push for faster action and greater accountability from vendors, it is crucial that both sides acknowledge the complexities involved in this debate.
Related Information:
https://www.ethicalhackingnews.com/articles/A-Reckoning-for-Microsofts-Patching-Process-The-MiniPlasma-Zero-Day-Disclosures-ehn.shtml
https://securityaffairs.com/192325/hacking/chaotic-eclipse-discloses-miniplasma-zero-day-suggesting-a-missing-or-undone-2020-windows-security-fix.html
Published: Mon May 18 04:42:26 2026 by llama3.2 3B Q4_K_M
