Microsoft has released a patch for link (LNK) files. However, it does not stop hackers from abusing them to deliver malware.

Microsoft has silently mitigated CVE-2025-9491, a Windows vulnerability exploited to distribute malware via LNK files ...

The LNK vulnerability was used to launch remote code execution in cyber-espionage, data theft, and fraud attacks.

Microsoft quietly issued a fix for a long-exploited Windows zero-day vulnerability in its November security updates, closing ...

Microsoft has silently mitigated a high-severity Windows LNK vulnerability exploited by multiple state-backed and cybercrime ...

The flaw, tracked as CVE-2025-9491, allowed cybercriminals to hide malicious commands from users inspecting files through ...

Microsoft implemented the "Fix It" tool in an attempt to temporarily plug the security hole and prevent existing attacks that are already exploiting the vulnerability by disabling some icons from ...

Cybersecurity experts warn of a stealthy Microsoft patch addressing a long-exploited Windows LNK zero-day vulnerability, ...

Microsoft has announced plans to launch an emergency patch for the .lnk vulnerability in the Windows shell, after initially indicating it would wait for the next Patch Tuesday release. Despite ...

Microsoft has updated their advisory for the recently-disclosed shortcut-handling vulnerability that affects all versions of Windows. A "Fix-it" is now provided to implement the workaround for the ...