Skip to main content
Cyber Week Sale - Get 40% off Vantage
Get Started
SubscribeLogin
Published loading...Updated

Microsoft Fixes Windows Shortcut Flaw Exploited for Years

Summary by The Register
: Silent Patch Tuesday mitigation ends ability to hide malicious commands in .lnk files

7 Articles

The RegisterThe Register
Center

Microsoft fixes Windows shortcut flaw exploited for years

: Silent Patch Tuesday mitigation ends ability to hide malicious commands in .lnk files

Read Full Article
technewstube.comtechnewstube.com

Microsoft quietly shuts down Windows shortcut flaw after years of espionage abuse

Silent Patch Tuesday mitigation ends ability to hide malicious commands in .lnk files Microsoft has quietly closed off a critical Windows shortcut file bug long abused by espionage and cybercrime networks. . . .

Read Full Article
BetaNewsBetaNews

Microsoft fixes years old actively exploited .lnk flaw in Windows

Microsoft has addressed a security flaw in Windows that has been exploited since at least 2017. The company has not made an official announcement about the fix, but it was spotted by 0patch. The flaw is known as the Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability and has been tracked as CVE-2025-9491. The fix was included in the November batch of updates for Windows. The vulnerability has a security score of 7…

Read Full Article
unsafe.shunsafe.sh

Microsoft Quietly Patched a Windows Lnk Vulnerability that Had Been Exploited for Many Years.

This article explains the causes and solutions for error code 521. This error is typically caused by Cloudflare, indicating that the server cannot connect to the website's origin server. Common causes include origin server unavailability, network problems, or configuration errors. Solutions include checking the origin server status, verifying firewall settings, restarting the server, and contacting your ISP.

Read Full Article
cybernoz.comcybernoz.com

Microsoft Silently Patches Windows LNK Flaw After Years Of Active Exploitation - Cybernoz - Cybersecurity News

Dec 03, 2025Ravie LakshmananVulnerability / Endpoint Security Microsoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as part of the company’s November 2025 Patch Tuesday updates, according to ACROS Security’s 0patch. The vulnerability in question is CVE-2025-9491 (CVSS score: 7.8/7.0), which has been described as a Windows Shortcut (LNK) file UI misinterpretation vulnerability that could lea…

Read Full Article
The Hacker NewsThe Hacker News
Reposted by
IT Security News - cybersecurity, infosecurity newsIT Security News - cybersecurity, infosecurity news

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Microsoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as part of the company's November 2025 Patch Tuesday updates, according to ACROS Security's 0patch. The vulnerability in question is CVE-2025-9491 (CVSS score: 7.8/7.0), which has been described as a Windows Shortcut (LNK) file UI misinterpretation vulnerability that could lead to remote

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

The Hacker News broke the news in on Wednesday, December 3, 2025.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Security icon

Security

Windows icon

Windows

Cybercrimes icon

Cybercrimes

Espionage icon

Espionage

Microsoft icon

Microsoft

Cybersecurity icon

Cybersecurity

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal