An old elevation-of-privilege (EoV) vulnerability affecting the Cloud Filter driver “cldflt.sys” in Windows has come back to haunt Microsoft, as researchers claim it is still exploitable six years after it was supposedly patched.
The flaw, originally reported to Microsoft by Google Project Zero researcher James Forshaw in September 2020, was recently picked up by Nightmare Eclipse, a researcher on an ongoing spree of Windows bug discoveries, and reworked to gain SYSTEM privileges.
“I’m unsure if Microsoft just never patched the issue or the patch was silently rolled back at some point for unknown reasons,” Eclipse said in a PoC writeup, calling the re-discovery ‘MiniPlasma’. “The original Po...