:

WINDOWS 'MINIPLASMA' ZERO-DAY GRANTS SYSTEM ACCESS

SECURITY DESK2 MIN READ
SUN, MAY 17, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day called "MiniPlasma" that enables attackers to gain SYSTEM privileges on fully patched Windows systems.

The exploit, disclosed publicly, demonstrates a critical vulnerability that bypasses Windows security protections even on up-to-date installations. Attackers leveraging MiniPlasma can escalate from limited user permissions to SYSTEM level access, the highest privilege tier on Windows machines. Microsoft has not yet released a patch addressing the vulnerability. The public release of working exploit code significantly increases the risk window for affected users and organizations, as malicious actors now have readily available tools to exploit the flaw. Privilege escalation vulnerabilities are particularly dangerous because they often serve as a second stage in attack chains. An attacker might initially gain limited access through phishing, weak credentials, or another vulnerability, then use MiniPlasma to elevate privileges and establish full system control. The vulnerability affects Windows systems across multiple versions. Organizations running fully patched systems believed to be secure remain vulnerable until Microsoft issues and deploys a fix. Security researchers recommend monitoring systems for exploitation attempts and implementing additional access controls where possible. Administrators should prioritize patching once Microsoft releases a security update. The disclosure follows a pattern of increasing zero-day releases by security researchers, sometimes to highlight Microsoft's patch cycle delays. While researchers argue public disclosure pressures vendors to respond faster, it simultaneously exposes all users to active exploitation risk. This incident underscores the ongoing challenge Windows users face: the gap between vulnerability discovery and patch availability, combined with the widespread practice of releasing proof-of-concept code, creates a critical exposure period for enterprise and consumer systems alike.

■ SOURCES

Bleeping Computer

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

4H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

4H AGOSecurity Desk

Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.

7H AGOAI Desk

A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.

9H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.