Bleepingcomputer
Microsoft Mitigates Windows LNK Vulnerability Exploited in Zero-Day Attacks
First seen 3 Dec 2025, 17:41 UTC
•

•78% similarity
•48.0
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Microsoft has mitigated a high-severity Windows LNK vulnerability, tracked as CVE-2025-9491, which has been exploited by state-backed and cybercrime groups in zero-day attacks. This flaw allows attackers to hide malicious commands within LNK files, requiring user interaction to execute the attacks. Despite the mitigation, the vulnerability remains unpatched, posing ongoing risks to users.
ThreatCluster AI