Hosted on MSN

State sponsored hackers have been exploiting this LNK vulnerability for years - and it has only just been patched by Microsoft

Microsoft’s November 2025 Patch Tuesday fixed 63 flaws, including CVE-2025-9491 in Windows LNK files The bug let attackers hide malicious commands in shortcut files, enabling RCE attacks Exploited ...
CSO Online

Four new reasons why Windows LNK files cannot be trusted

By putting conflicting metadata in LNK files, a researcher found four new ways to spoof targets, hide arguments, and run unintended programs in Windows Explorer.