Microsoft Patched Windows LNK Vulnerability Abused by Hackers to Hide Malicious Code

Microsoft quietly modified Windows to address a long-exploited shortcut (.lnk) UI flaw (CVE-2025-9491) that hid malicious commands from the Properties dialog; Trend Micro identified ~1,000 malicious shortcuts dating to 2017 and Arctic Wolf attributed active exploitation in Sept–Oct 2025 to UNC6384 delivering PlugX against diplomatic targets, prompting third-party micropatches and recommendations for enhanced endpoint detection and user awareness.