Remote Code Execution Vulnerability in Microsoft Windows LNK File Handling
CVE-2025-9491

7HIGH

Key Information:

Vendor: Microsoft
Status: Windows
Vendor: CVE Published:; 26 August 2025

What is CVE-2025-9491?

A security flaw exists in the handling of .LNK files within Microsoft Windows. This vulnerability allows attackers to create specially crafted LNK files that can mask malicious content from users inspecting the file through the typical Windows user interface. When a user interacts with the malicious page or file, the attacker can execute arbitrary code in the context of the user's session. This highlights the importance of being cautious with LNK files, especially those obtained from untrusted sources.

Affected Version(s)

Windows 11 Enterprise 23H2 22631.4169 x64

References

https://www.zerodayinitiative.com/advisories/ZDI-25-148/

x_research-advisory

CVSS V3.0

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 26, 2025
Vulnerability Reserved
Aug 26, 2025