Windows LNK Exploits

State-backed and criminal actors have long abused Windows .lnk shortcut handling and UI‑misrepresentation flaws (e.g., ZDI-CAN-25373/CVE-2025-9491) to hide command-line arguments and deliver malware, prompting detection guidance and uneven vendor fixes.

List of posts related to this topic

Post Title	Date Published↓	Describes Incident	Feed
Microsoft: New Windows LNK spoofing issues aren't vulnerabilities	2026-02-12	True	Bleeping Computer Not Subscribed
Microsoft quietly shuts down Windows shortcut flaw after years of espionage abuse	2025-12-04	True	The Register (Security) Not Subscribed
Microsoft Patched Windows LNK Vulnerability Abused by Hackers to Hide Malicious Code	2025-12-03	True	cybersecurityNews.com Not Subscribed
Windows Shortcut (LNK) Malware Strategies	2025-07-02	True	Palo Alto Networks Unit 42 Not Subscribed
Nation-state actors and cybercrime gangs abuse malicious .lnk files for espionage and data theft	2025-03-18	True	Security Affairs Not Subscribed
8-Year Old Windows Shortcut Zero-Day Exploited by 11 State-Sponsored Hacker Groups	2025-03-18	True	cybersecurityNews.com Not Subscribed
New Windows zero-day exploited by 11 state hacking groups since 2017	2025-03-18	True	Bleeping Computer Not Subscribed
Microsoft isn't fixing 8-year-old shortcut exploit abused for spying	2025-03-18	True	The Register (Security) Not Subscribed