11 Nation-State Hackers Exploit Unpatched Windows Flaw Since 2017

A Windows zero-day vulnerability, allowing malicious code execution through shortcut files, has been exploited by at least 11 nation-state hacking groups since 2017. Despite evidence of widespread attacks, Microsoft has declined to issue a security patch, categorizing the issue as low severity. This decision has been met with criticism from industry leaders, highlighting concerns about Microsoft’s vulnerability disclosure practices and leaving millions of users exposed to cybersecurity threats.