ATLAS · LIVE
ATLAS INDEX
Δ 24H
ACTIVE SOURCES20
HOTSPOTS20
TIME21:40:37 UTC
← All briefs
CRITICALCyber IntelligenceMonday, May 18, 2026

Windows zero-day grants SYSTEM access on patched machines

Researcher releases working exploit for privilege escalation flaw affecting current Windows versions; Microsoft has not yet issued a patch.

A privilege escalation vulnerability in Windows—designated MiniPlasma—now has public proof-of-concept code that grants attackers SYSTEM-level access on fully patched systems. The exploit was released by a cybersecurity researcher and confirmed functional by BleepingComputer.

SYSTEM privileges represent the highest tier of access in Windows environments, exceeding even administrator rights. An attacker who gains initial foothold through phishing, malware, or stolen credentials can leverage MiniPlasma to escalate control and move laterally across networks. The flaw affects current Windows versions that have received all available security updates as of mid-May 2025.

Microsoft has not yet released a patch or assigned a CVE identifier. The public availability of working exploit code materially increases risk for enterprise networks, particularly those with inadequate endpoint detection or segmentation. Threat actors typically integrate disclosed zero-days into toolkits within days of publication.

The rest of this brief is inside the platform

Continue reading. Free.

A free Atlas account unlocks the full briefing, the co-analyst, daily delivery to your inbox, and a sector-personalised feed.

Full brief
Implications, sources, methodology
Co-Analyst
Ask follow-ups on every brief
Sector feed
Briefs filtered to what matters to you
Implications
  • 01Enterprise IT teams face elevated risk until Microsoft issues patch and deployment completes
  • 02Threat actors gain new tool for post-compromise escalation in Windows environments
  • 03Organizations with weak endpoint monitoring may not detect exploitation in progress
  • 04Incident response teams should audit recent SYSTEM-level activity for anomalies
Source
BleepingComputer
https://www.bleepingcomputer.com/news/microsoft/new-windows-miniplasma-zero-day-exploit-gives-system-access-poc-released/
Brief is editorial commentary by Atlas Intelligence based on the cited public reporting. Atlas does not reproduce source text. Verify primary source before action.
#windows#zero-day#privilege escalation#miniplasma#microsoft#exploit
Related Briefs