Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

/in

Microsoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as part of the company’s November 2025 Patch Tuesday updates, according to ACROS Security’s 0patch.
The vulnerability in question is CVE-2025-9491 (CVSS score: 7.8/7.0), which has been described as a Windows Shortcut (LNK) file UI misinterpretation vulnerability that could lead to remote

The Hacker News – ​Read More

These Cyber Monday smart glasses deals are still live: Shop big sales like Meta...Fake ChatGPT Atlas Browser Used in ClickFix Attack to Steal Passwords