State sponsored hackers have been exploiting this LNK vulnerability for years - and it has only just been patched by Microsoft

The LNK vulnerability was used to launch remote code execution in cyber-espionage, data theft, and fraud attacks.
Cybernews

Despite Microsoft’s secret patch, LNK loophole remains viable for hackers to deliver malware

Microsoft has released a patch for link (LNK) files. However, it does not stop hackers from abusing them to deliver malware.
SecurityWeek

Microsoft Silently Mitigated Exploited LNK Vulnerability

Microsoft has silently mitigated CVE-2025-9491, a Windows vulnerability exploited to distribute malware via LNK files ...
How-To Geek on MSN

Windows 11 zero-day security vulnerability gets partial fix from Microsoft

The target field in your Windows shortcuts has been a hotbed for viruses for years.
Homeland Security Today

The Missing LNK — Correlating User Search LNK Files

Forensic investigators use LNK shortcut files to recover metadata about recently accessed files, including files deleted after the time of access. In a recent investigation, FireEye Mandiant ...
The Hacker News

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

In other words, these shortcut files are crafted such that viewing their properties in Windows conceals the malicious ...
Infosecurity-magazine.com

Cyber-criminals Shift From Macros to Shortcut Files to Hack Business PCs, HP Reports

Cyber-criminals spreading malware families are shifting to shortcut (LNK) files to deliver malware, HP Wolf Security’s latest report suggests. According to the new research, shortcuts are gradually ...
CSOonline

Microsoft Defender SmartScreen bug actively used in stealer campaign

An actively exploited security bypass vulnerability in Microsoft Defender SmartScreen is being exploited in a new stealer campaign to download malicious executables on the victim’s system. Tracked as ...