Microsoft’s Patch Tuesday: Addressing the MiniPlasma Vulnerability
On a recent Tuesday, Microsoft rolled out a significant patch update that addressed a range of security concerns, including the MiniPlasma vulnerability. This flaw, disclosed by the researcher known as Nightmare Eclipse, had previously been identified as CVE-2020-17103. Originally patched six years ago, MiniPlasma re-emerged because of a regression or because the initial patch was incomplete. Microsoft acknowledged this oversight and updated its bulletin to reflect the republication of the fix.
Challenges with YellowKey and Other Vulnerabilities
While Microsoft has successfully addressed MiniPlasma, several other vulnerabilities disclosed by Nightmare Eclipse remain unpatched. Among these is YellowKey, a significant vulnerability that compromises BitLocker’s full disk encryption. This flaw is particularly concerning because it facilitates attacks when an adversary gains physical access to a device, undermining the primary purpose of BitLocker. Microsoft has provided manual mitigation instructions but has yet to resolve the root cause of this vulnerability.
The status of other vulnerabilities identified by Nightmare Eclipse, such as RedSun and BlueHammer, is still uncertain. RedSun affects Windows Defender, while BlueHammer allows local privilege escalation to acquire SYSTEM rights.
Nightmare Eclipse and Microsoft’s Disclosure Dilemma
Nightmare Eclipse has been a vocal critic of Microsoft’s vulnerability disclosure program over recent months. While the specific grievances remain ambiguous, the researcher has highlighted perceived deficiencies in Microsoft’s handling of security disclosures. Microsoft, in response, accused the researcher of irresponsible disclosure practices and hinted at potential legal action. However, following public backlash, the company retracted this stance and committed to not pursuing legal action against Nightmare Eclipse.
Recent Exploit Releases and Patch Impact
On the same Tuesday, Nightmare Eclipse released exploit code targeting a new Windows vulnerability, a race condition affecting Defender. This came amidst Microsoft’s patch batch that addressed approximately 200 vulnerabilities, including two zero-day threats. Despite the breadth of the updates, the security community remains vigilant, particularly concerning the unpatched vulnerabilities.

