Overview
- Microsoft issued a June update that fixes CVE-2026-45586, the high-severity bug called GreenPlasma that allowed local privilege escalation in the Collaborative Translation Framework, and independent researchers say the same update appears to also address a related MiniPlasma flaw.
- The disclosures began in April when the pseudonymous researcher Nightmare Eclipse published multiple proof-of-concept exploits for core Windows components, and at least three of those bugs were observed used in real-world intrusions by mid-April.
- Some published flaws targeted Windows Defender and BitLocker, which could let an attacker disable built-in protections or weaken local disk encryption and therefore make malware install or data access easier for an intruder.
- Microsoft has removed the researcher’s accounts from platforms such as GitHub and GitLab and has warned it may pursue legal action, while the researcher continued to publish new exploit code on self-hosted sites after this week’s patches.
- Defenders are applying Microsoft’s patches and ad hoc mitigations to close compressed patch windows, and the episode has renewed debate over whether public proof-of-concept releases help security or instead raise the risk and operational burden for organizations and users.