It has only taken eight years, but Microsoft has finally activated a crucial silent security update for millions of Windows users. Here’s what you need to know.
You don’t have to wait until next week for the monthly Patch Tuesday rollout for this Windows surprise: Microsoft has silently updated Windows security protections for millions of users against a critical hacking threat.
And it’s only taken, erm, eight years.attack. Go read it for the full gory details, but the gist of the thing is that it exploited the Windows .LNK shortcut while being disguised as a legitimate PDF document. On June 9, I published an article warning of another. But that was just me, and just during 2025. The common denominator is that the vulnerability was unpatched, and Microsoft seemingly had no intention of fixing it.. “Our analysis revealed that 11 state-sponsored groups from North Korea, Iran, Russia, and China have employed ZDI-CAN-25373 in operations primarily motivated by cyber espionage and data theft,” Trend Micro said in March 2025. At the time, well, at all of those times, Microsoft told me that “Microsoft Defender has detections in place to detect and block this threat activity, and the Smart App Control provides an extra layer of protection by blocking malicious files from the Internet.” What’s more, a Microsoft spokesperson said, “While the UI experience described in the report does not meet the bar for immediate servicing under our severity classification guidelines, we will consider addressing it in a future feature release.”Mitja Kolsek, founder of ACROS Security, which provides the 0patch platform to apply seamless micro-patches where no official Microsoft patch exists, Windows zero-days being the most visible and obvious example, has now revealed that the November Patch Tuesday updates fixed the vulnerability. Well, not a vulnerability, as the issue was “apparently demoted from vulnerability to functional bug,” The Properties dialog of a .lnk file shows the entire Target command with arguments, no matter how long it is,” Kolsek has confirmed. “The theoretically-up-to-32k-character-long string is now shown in the same single-line field that can't even reveal an entire modest-sized command without selecting some text and moving the mouse left or right,” he added.that Microsoft is "continuously rolling out product and UI enhancements to help keep customers protected and improve the experience."
Microsoft Security Microsoft Silently Switches On Critical Windows Pr CVE-2025-9491 Silent Windows Security Update Critical Update Windows Update Windows Hack Attack
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Woman drives onto lawn and breaks windows at man’s home: Brunswick Hills Township Police Blotter.Also in this week’s Brunswick Hills Township Police blotter, a woman reports being attacked at a bar.
Read more »
Sony’s new A7 V uses a partially stacked sensor so you can shoot silentlySony is announcing a new A7 V camera with lots of little refinements and quality-of-life improvements, like a partially stacked sensor and revised grip ergonomics.
Read more »
Buffalo Bills CB explains what 'activates' Josh AllenA scuffle with a Steelers player during the Bills' win over the Pittsburgh seemed to light a fire under the Buffalo QB.
Read more »
SAPD activates Holiday Crime Reduction Task Force to combat car burglariesThe San Antonio Police Department has activated the Holiday Crime Reduction Task Force for the 2025 holiday season.
Read more »
Ethereum Activates Fusaka Upgrade, Aiming to Cut Node Costs, Speed Layer-2 SettlementsAt the center of the upgrade is PeerDAS, a system that lets validators check slices of data rather than entire “blobs,” reducing costs and computational load
Read more »
Nogales activates binational protocol to control fire in abandoned building near border, Nogales TV saidEmergency crews in Nogales, Sonora, with support from Nogales, Arizona, firefighters, brought a fire under control Tuesday, Nogales TV said.
Read more »