A vulnerability known since 2017 has been silently fixed by Microsoft as part of its November 2025 Patch Tuesday updates. The issue, CVE-2025-9491, is a Windows Shortcut (LNK) file UI misinterpretation vulnerability that can lead to remote code execution.
Microsoft has now addressed the problem by showing the entire Target command, including its arguments, in the Properties dialog box regardless of its length. However, Microsoft does not consider it a critical issue, citing the user interaction required and the system warnings already shown for untrusted file formats.
In contrast, the 0patch micropatching service has released a micropatch that displays a warning when users attempt to open LNK files whose command-line arguments exceed 260 characters. This approach aims to disrupt the malicious attacks detected in the wild.
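As an added example (not code from the article or from 0patch), the kind of length check a defender could run over incoming .lnk files: it walks the Shell Link header and StringData sections as laid out in MS-SHLLINK and flags argument strings longer than 260 characters. The build_lnk helper and its samples are constructed here purely as test input.

```python
import struct
from typing import Optional

# Shell Link (.lnk) header constants from MS-SHLLINK
LNK_HEADER_SIZE = 0x4C
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
HAS_LINK_TARGET_ID_LIST, HAS_LINK_INFO = 0x01, 0x02
HAS_NAME, HAS_RELATIVE_PATH, HAS_WORKING_DIR = 0x04, 0x08, 0x10
HAS_ARGUMENTS, HAS_ICON_LOCATION, IS_UNICODE = 0x20, 0x40, 0x80
ARG_LENGTH_THRESHOLD = 260  # same cut-off the 0patch micropatch warns on


def build_lnk(arguments: str) -> bytes:
    """Constructed test data: a minimal .lnk carrying only a COMMAND_LINE_ARGUMENTS string."""
    flags = HAS_ARGUMENTS | IS_UNICODE
    header = struct.pack("<I16sIIQQQIiIHHII", LNK_HEADER_SIZE, LNK_CLSID, flags,
                         0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0)  # ShowCommand=1 (SW_SHOWNORMAL)
    return header + struct.pack("<H", len(arguments)) + arguments.encode("utf-16-le")


def lnk_arguments(data: bytes) -> Optional[str]:
    """Walk the LNK structure and return its COMMAND_LINE_ARGUMENTS string, or None if absent."""
    if len(data) < LNK_HEADER_SIZE or data[:4] != b"\x4c\x00\x00\x00" or data[4:20] != LNK_CLSID:
        raise ValueError("not a Shell Link file")
    flags = struct.unpack_from("<I", data, 0x14)[0]
    pos = LNK_HEADER_SIZE
    if flags & HAS_LINK_TARGET_ID_LIST:            # IDListSize (2 bytes) + IDList
        pos += 2 + struct.unpack_from("<H", data, pos)[0]
    if flags & HAS_LINK_INFO:                      # LinkInfoSize counts the whole block
        pos += struct.unpack_from("<I", data, pos)[0]
    args = None
    # StringData sections appear in this fixed order, each as CountCharacters + chars
    for flag in (HAS_NAME, HAS_RELATIVE_PATH, HAS_WORKING_DIR, HAS_ARGUMENTS, HAS_ICON_LOCATION):
        if not flags & flag:
            continue
        count = struct.unpack_from("<H", data, pos)[0]
        pos += 2
        width = 2 if flags & IS_UNICODE else 1
        raw = data[pos:pos + count * width]
        pos += count * width
        text = raw.decode("utf-16-le") if width == 2 else raw.decode("cp1252", "replace")
        if flag == HAS_ARGUMENTS:
            args = text
    return args


def check_lnk(data: bytes) -> dict:
    """Report the argument length and whether it exceeds the 260-character threshold."""
    args = lnk_arguments(data) or ""
    return {"argument_length": len(args), "exceeds_threshold": len(args) > ARG_LENGTH_THRESHOLD}


if __name__ == "__main__":
    # Constructed samples: a short argument and one padded with spaces past the cut-off
    for sample in (build_lnk("/c notepad.exe"), build_lnk(" " * 300 + "/c echo hidden")):
        print(check_lnk(sample))
```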
While Microsoft's decision not to patch the vulnerability earlier raised concerns, the company continues to emphasize the importance of user caution when downloading files from unknown sources, and it keeps rolling out product updates to enhance customer security.
Source: https://thehackernews.com/2025/12/microsoft-silently-patches-windows-lnk.html