UMVA has learned that a critical security vulnerability lurking in Windows 11 could allow hackers to seize complete control of any affected system—and Microsoft apparently failed to fix it properly years ago.
Security researcher Nightmare-Eclipse, also known as Chaotic Eclipse, has uncovered a terrifying flaw that was first discovered six years ago and assigned the identifier CVE-2020-17103. Microsoft claimed to patch the vulnerability in December 2020, but new evidence suggests the fix was either incomplete or silently rolled back at some point.
To prove just how dangerous this oversight is, Nightmare-Eclipse created a proof-of-concept exploit called MiniPlasma that spawns a shell with system-level privileges—essentially giving attackers god-mode access to the entire machine.
"After investigating, it turns out the exact same issue reported to Microsoft by Google Project Zero is actually still present, unpatched," Nightmare-Eclipse wrote on the GitHub page for MiniPlasma. "I'm unsure if Microsoft just never patched the issue or the patch was silently rolled back at some point for unknown reasons. The original PoC by Google worked without any changes."
According to information obtained by UMVA, this vulnerability affects all versions of Windows. While it appears reliably exploitable, success rates can vary due to a race condition—meaning some attempts may fail while others succeed spectacularly.
This isn't Nightmare-Eclipse's first rodeo with Microsoft vulnerabilities. Last month, the researcher released a different exploit that brought the RedSun vulnerability in Microsoft Defender into the spotlight, further fueling concerns about the tech giant's security practices.