By Sergiu Gatlan
Publication Date: 2026-02-12 21:01:00
Today, at Wild West Hackin’ Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK shortcut files that allow attackers to deploy malicious payloads.
Beukema documented four previously unknown techniques for manipulating Windows LNK shortcut files to hide malicious targets from users inspecting file properties.
LNK shortcuts were introduced with Windows 95 and use a complex binary format that allows attackers to create deceptive files that appear legitimate in Windows Explorer’s properties dialog but execute entirely different programs when opened.
The discovered issues exploit inconsistencies in how Windows Explorer prioritizes conflicting target paths specified across multiple optional data structures within shortcut files.
The most effective variants use forbidden Windows path characters, such as double quotes, to create seemingly valid but technically invalid paths, causing Explorer to display one target while executing…
.png?width=1200&height=630&fit=crop&enable=upscale&auto=webp&resize=1200,630&ssl=1 "Amazon has a GeForce RTX 5080 prebuilt PC available now, at least while stock remains")