<ul><li>An unpatched Windows zero-day vulnerability has been exploited by 11 nation-state attackers and financially motivated groups.</li><li>The vulnerability allows attackers to craft malicious shortcut (.lnk) files, enabling the execution of hidden commands when opened by the user.</li><li>The bug has been in use since 2017, with 70% of the attacks attributed to nation-state actors, primarily from North Korea.</li><li>Microsoft considers the vulnerability a UI issue rather than a critical security issue, but may address it in a future feature release.</li></ul>

An unpatched Windows zero-day flaw has been exploited by 11 nation-state attackers

Discover more