The Register on MSN

Microsoft quietly shuts down Windows shortcut flaw after years of espionage abuse

Silent Patch Tuesday mitigation ends ability to hide malicious commands in .lnk files Microsoft has quietly closed off a critical Windows shortcut file bug long abused by espionage and cybercrime ...

Microsoft quietly patches LNK vulnerability that's been weaponized for years

The LNK vulnerability was used to launch remote code execution in cyber-espionage, data theft, and fraud attacks.
Hosted on MSN

This tiny Windows shortcut file is a bigger security threat than you think

Shortcuts (LNK files) in Windows are indicated by curved arrows. We often treat them as background noise and don't consider what they actually do beyond opening apps. In fact, there is a huge gap ...
CSOonline

New Windows zero-day feared abused in widespread espionage for years

A zero-day vulnerability stemming from how Windows User Interface handles its shortcut (.lnk) files has been exploited by at least 11 nation-state actors in widespread threat campaigns. According to ...
Ars Technica

Can someone analyze this MALWARE string?

Suspicious Activity: The obfuscation, especially with creating and executing a file in the %TMP% directory (a common place for malware), suggests this script could be part of a malicious payload. The ...
IBTimes UK

Microsoft Issues Unannounced Patch for Zero-Day LNK Vulnerability Used in Real-World Attacks

Microsoft's secret patch fixes 8-Year LNK zero-day exploited by hackers Angel Bena : Pexels Cybersecurity experts warn of a stealthy Microsoft patch addressing a long-exploited Windows LNK zero-day ...