You might assume that high-risk security vulnerabilities that have been reported by expert security researchers would be fixed as quickly as possible by the affected companies, especially if those vulnerabilities are actively being exploited in the wild. That just makes sense.

Apparently not. One particular security flaw in Windows has not only existed for over eight years, but has been actively exploited ever since… and yet Microsoft refuses to fix it.

The security vulnerability, explained

The flaw in question is a zero-day vulnerability with designation CVE-2025-9491 , which affects the processing of LNK files on Windows and has already been exploited thousands of times.

A recent blog post by researchers from Arctic Wolf brought renewed attention to this issue, who discovered tha

See Full Page