Illustration of a cracked Windows security shield, symbolizing the MiniPlasma zero-day vulnerability.

Cybersecurity

New Windows Exploit Grants Full Control

TL;DR: A researcher released a proof-of-concept exploit for a new Windows zero-day vulnerability named 'MiniPlasma'. The exploit allows an attacker with local access to gain the highest system privileges on fully patched Windows 10 and 11 machines. Microsoft has not yet released a patch.

By Neeraj DhimanBleepingComputer22m ago1 min readupdated 22m ago

Source

Key facts

Category: Cybersecurity
Impact: Low
Published: 22m ago
Source: BleepingComputer

Full summary

A new zero-day exploit called 'MiniPlasma' allows attackers to gain full system privileges on fully patched Windows 10 and 11 systems.

A security researcher has publicly released a proof-of-concept exploit for a new zero-day vulnerability in Windows called "MiniPlasma." The exploit targets the Data Sharing Service, allowing an attacker with local access to escalate their privileges to the SYSTEM level—the highest access on a Windows machine. This flaw affects fully patched versions of Windows 10 and Windows 11, bypassing a previous security fix from Microsoft. The public release of the exploit code makes the technical details widely available.

The impact is significant for organizations running Windows. Gaining SYSTEM privileges allows an attacker to completely compromise a machine, letting them deploy ransomware, steal data, or establish a persistent foothold in a network. Because the exploit is public, less sophisticated attackers can now potentially weaponize it. This puts IT and security teams in a difficult position, as there is currently no patch available to mitigate the risk. The vulnerability affects a broad range of systems, from individual workstations to servers.

Microsoft has not yet issued an official CVE or a security patch for MiniPlasma. The security community is now waiting for the company's response, which will likely come in a future security update. Until a patch is released, security teams are advised to monitor for suspicious activity related to the Data Sharing Service and review their endpoint detection rules. The situation highlights the ongoing challenge of securing complex operating systems against determined attackers.

Why it matters

This zero-day affects fully patched Windows systems, and the public exploit code lowers the barrier for attackers to gain full system control. Without a patch, organizations are exposed to significant risk of data theft and ransomware.

Business impact

A successful exploit could lead to a full system compromise, resulting in data breaches, operational disruption from ransomware, and significant costs for incident response and recovery. It undermines trust in standard security patching.

Action checklist

1Review endpoint detection and response (EDR) logs for unusual activity related to `dssvc.dll`.
2Monitor for any unauthorized privilege escalation attempts on Windows 10 and 11 systems.
3Prepare for rapid deployment of a patch once Microsoft releases it.
4Ensure systems are fully patched against all other known vulnerabilities to limit initial access vectors.