
"Microsoft quietly patched a critical Windows vulnerability that hackers have been exploiting for nearly eight years. The flaw, tracked as CVE-2025-9491, allowed cybercriminals to hide malicious commands from users inspecting files through Windows' standard interface, but the tech giant never officially announced the fix. For eight years, Windows users unknowingly lived with a security hole that nation-states exploited daily. State-sponsored hacking groups from China, Iran, North Korea, and Russia weaponized this Windows shortcut vulnerability since 2017."
"Trend Micro's Zero Day Initiative discovered that 11 different government-backed teams actively exploited the security hole, turning what should have been harmless shortcut files into dangerous attack vectors. The vulnerability affected how Windows displays .LNK (shortcut) files, enabling attackers to craft malicious shortcuts that appeared completely safe when users checked their properties. Security researchers identified nearly 1,000 malicious shortcut files exploiting this flaw across offensive campaigns dating back eight years."
Microsoft quietly patched a critical Windows vulnerability tracked as CVE-2025-9491. The flaw allowed attackers to hide malicious commands inside .LNK shortcut files by exploiting the Properties dialog limitation that shows only the first 260 characters of long Target arguments. Attackers placed dangerous payloads beyond that limit, making shortcuts appear legitimate during inspection. Trend Micro's Zero Day Initiative identified nearly 1,000 malicious shortcut files and attributed active exploitation to 11 different government-backed teams from China, Iran, North Korea, and Russia dating back to 2017. Microsoft initially declined emergency servicing and planned a future release instead of an immediate fix.
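A triage check for the display limit described above, as an added example that is not from the article or from Microsoft: it reads the arguments string out of a .LNK file and reports whatever lies past the 260 characters the Properties dialog shows. It assumes the standard Shell Link binary layout, measures the arguments string alone (the Target field also includes the target path), and `sample_lnk` builds a constructed, benign test input.

```python
import struct

DISPLAY_LIMIT = 260  # characters the Properties dialog shows, per the article
HEADER_SIZE = 0x4C   # fixed ShellLinkHeader size in the .LNK format
# LinkFlags bits from the Shell Link binary format
HAS_IDLIST, HAS_LINKINFO, HAS_NAME, HAS_RELPATH = 0x01, 0x02, 0x04, 0x08
HAS_WORKDIR, HAS_ARGS, IS_UNICODE = 0x10, 0x20, 0x80

def lnk_arguments(data: bytes) -> str:
    """Return the COMMAND_LINE_ARGUMENTS string of a .LNK blob ('' if absent)."""
    if len(data) < HEADER_SIZE or struct.unpack_from("<I", data, 0)[0] != HEADER_SIZE:
        raise ValueError("not a shell link header")
    flags = struct.unpack_from("<I", data, 20)[0]
    pos = HEADER_SIZE
    if flags & HAS_IDLIST:      # 2-byte size that does not count itself
        pos += 2 + struct.unpack_from("<H", data, pos)[0]
    if flags & HAS_LINKINFO:    # 4-byte size that does count itself
        pos += struct.unpack_from("<I", data, pos)[0]
    width = 2 if flags & IS_UNICODE else 1
    # StringData fields come in this fixed order; walk past those before arguments.
    for bit in (HAS_NAME, HAS_RELPATH, HAS_WORKDIR, HAS_ARGS):
        if not flags & bit:
            continue
        count = struct.unpack_from("<H", data, pos)[0]
        raw = data[pos + 2 : pos + 2 + count * width]
        if len(raw) != count * width:
            raise ValueError("truncated StringData")
        pos += 2 + count * width
        if bit == HAS_ARGS:
            return raw.decode("utf-16-le" if width == 2 else "cp1252", "replace")
    return ""

def check_lnk(data: bytes) -> dict:
    """Split the arguments at the display limit and flag anything beyond it."""
    args = lnk_arguments(data)
    return {"length": len(args), "suspicious": len(args) > DISPLAY_LIMIT,
            "visible": args[:DISPLAY_LIMIT], "hidden": args[DISPLAY_LIMIT:]}

def sample_lnk(args: str) -> bytes:
    """Constructed test input: a header with only HasArguments|IsUnicode set."""
    header = struct.pack("<I", HEADER_SIZE) + bytes(16) + struct.pack("<I", HAS_ARGS | IS_UNICODE)
    header += bytes(HEADER_SIZE - len(header))
    return header + struct.pack("<H", len(args)) + args.encode("utf-16-le")

if __name__ == "__main__":
    for args in ("/select,notes.txt", "/select,notes.txt" + "x" * 300):  # both benign
        r = check_lnk(sample_lnk(args))
        print(r["length"], r["suspicious"])
```

The `hidden` field is what an analyst should read first, since it is the part a user inspecting the shortcut's properties would not have seen.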
Read at TechRepublic