
Microsoft isn't fixing 8-year-old shortcut exploit abused for spying

ID: 9261a22e-58b4-5d65-a339-7d4da39cc0ef

STIX ID: report--9261a22e-58b4-5d65-a339-7d4da39cc0ef

Feed Name: The Register (Security)

Threat Score: 85/100

Date Published: 2025-03-18

Date Updated: 2026-04-26

Author: Iain Thomson

Trend Micro's Zero Day Initiative disclosed a Windows shortcut (.LNK) exploitation technique—used since around 2017—where attackers hide malicious command-line instructions by inserting megabytes of whitespace in shortcut arguments; the firm found nearly 1,000 tampered .LNK files and attributes roughly 70% of samples to state-sponsored actors (46% North Korea). Trend reported the issue to Microsoft as a zero-day, but Microsoft has treated it as a UI issue and has not issued an immediate security patch, leaving the vector available for espionage and malware delivery.
