State sponsored hackers have been exploiting this LNK vulnerability for years - and it has only just been patched by Microsoft

The LNK vulnerability was used to launch remote code execution in cyber-espionage, data theft, and fraud attacks.

Microsoft "mitigates" Windows LNK flaw exploited as zero-day

Microsoft has silently mitigated a high-severity Windows LNK vulnerability exploited by multiple state-backed and cybercrime ...
The Hacker News

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

In other words, these shortcut files are crafted such that viewing their properties in Windows conceals the malicious ...
SecurityWeek

Microsoft Silently Mitigated Exploited LNK Vulnerability

Microsoft has silently mitigated CVE-2025-9491, a Windows vulnerability exploited to distribute malware via LNK files ...
How-To Geek on MSN

Windows 11 zero-day security vulnerability gets partial fix from Microsoft

Microsoft has quietly rolled out a partial mitigation for the high-severity Windows LNK vulnerability, CVE-2025-9491, which ...

Microsoft Silently Fixes 8-Year Windows Security Flaw

The flaw, tracked as CVE-2025-9491, allowed cybercriminals to hide malicious commands from users inspecting files through ...
Homeland Security Today

The Missing LNK — Correlating User Search LNK Files

Forensic investigators use LNK shortcut files to recover metadata about recently accessed files, including files deleted after the time of access. In a recent investigation, FireEye Mandiant ...
Bleeping Computer

Malicious Windows 'LNK' attacks made easy with new Quantum builder

Malware researchers have noticed a new tool that helps cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack. LNKs are Windows shortcut files that can ...