Cybernews

Despite Microsoft’s secret patch, LNK loophole remains viable for hackers to deliver malware

Microsoft has released a patch for link (LNK) files. However, it does not stop hackers from abusing them to deliver malware.

State sponsored hackers have been exploiting this LNK vulnerability for years - and it has only just been patched by Microsoft

The LNK vulnerability was used to launch remote code execution in cyber-espionage, data theft, and fraud attacks.
SecurityWeek

Microsoft Silently Mitigated Exploited LNK Vulnerability

Microsoft has silently mitigated CVE-2025-9491, a Windows vulnerability exploited to distribute malware via LNK files ...
The Hacker News

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

In other words, these shortcut files are crafted such that viewing their properties in Windows conceals the malicious ...
NDTV

Urgent Microsoft Windows Cyberattack Warning: Avoid Opening These Files

Windows users have been urged to practice caution. Microsoft warns Windows users of a cyberattack exploiting a longstanding LNK file vulnerability. The vulnerability, ZDI-CAN-25373, is being actively ...
Homeland Security Today

The Missing LNK — Correlating User Search LNK Files

Forensic investigators use LNK shortcut files to recover metadata about recently accessed files, including files deleted after the time of access. In a recent investigation, FireEye Mandiant ...
MUO on MSN

This tiny Windows shortcut file is a bigger security threat than you think

Malicious LNK shortcuts expose a long-standing weakness in Windows.
CSOonline

Attackers move away from Office macros to LNK files for malware delivery

Barriers that Microsoft has placed to prevent malicious macros has forced some cybercriminals to use LNK files for malware delivery, but at the cost of easier detection. For years attackers have used ...