top of page

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

3 december 2025 om 17:46:36

thehackernews.com

Microsoft silently patched CVE-2025-9491, a Windows Shortcut (LNK) file UI misinterpretation vulnerability with CVSS score 7.8/7.0. The flaw has been actively exploited by multiple threat actors since 2017. The vulnerability was addressed in Microsoft's November 2025 Patch Tuesday updates. ACROS Security's 0patch reported on this silent fix. The vulnerability could lead to remote exploitation through malicious LNK files.

Related links:

https://thehackernews.com/2025/12/microsoft-silently-patches-windows-lnk.html

Related CVE's:

CVE-2025-9491

Related threat actors:

No threat actors found in this article

Affected products:

Windows

IOC's:

No IOCs found in this article

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page