By The Hacker News
Publication Date: 2025-12-03 17:46:00
Microsoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as part of the company’s November 2025 Patch Tuesday updates, according to ACROS Security’s 0patch.
The vulnerability in question is CVE-2025-9491 (CVSS score: 7.8/7.0), which has been described as a Windows Shortcut (LNK) file UI misinterpretation vulnerability that could lead to remote code execution.
“The specific flaw exists within the handling of .LNK files,” according to a description in the NIST National Vulnerability Database (NVD). “Crafted data in an .LNK file can cause hazardous content in the file to be invisible to a user who inspects the file via the Windows-provided user interface. An attacker can leverage this vulnerability to execute code in the context of the current user.”
In other words, these shortcut files are crafted such that viewing their properties in Windows conceals the malicious…
/cdn.vox-cdn.com/uploads/chorus_asset/file/25457996/VST_0521_Sitejpg.jpg?resize=1200,628&ssl=1 "Microsoft has entered the era of AI-powered PCs.")
