MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems — Ravie LakshmananMay 18, 2026Zero Day / Vulnerability [https://blogge
What’s new: A new Windows privilege escalation zero-day vulnerability, codenamed MiniPlasma, has been disclosed, allowing attackers to gain SYSTEM privileges on fully patched Windows systems. The flaw resides in the “cldflt.sys” driver and was originally reported to Microsoft in September 2020. Despite being believed to be patched, it remains unaddressed, affecting all Windows versions.
Who’s affected
All versions of Windows are likely affected by this vulnerability, including the latest Windows 11 updates as of May 2026.
What to do
- Monitor for updates from Microsoft regarding a patch for the MiniPlasma vulnerability.
- Implement security measures to limit access to critical systems until a fix is available.
- Review and apply best practices for privilege management and system hardening.
