Unpatched Windows Flaw: A Cyber Espionage Comedy of Errors?
A zero-day vulnerability in Microsoft Windows, tracked by Trend Micro's Zero Day Initiative as ZDI-CAN-25373, is causing a global stir. Exploited since 2017 by state-sponsored groups from North Korea, China, Iran, and Russia, it abuses Windows shortcut (.LNK) files: the malicious command-line arguments are padded with whitespace so the Properties dialog shows only an innocent-looking target, while the hidden commands still run when the shortcut is opened. Despite the chaos, Microsoft labels it low severity, so don’t expect a fix any time soon!

Hot Take:
When it comes to cybersecurity, Microsoft seems to be playing an intense game of “how low can you go?” with their severity ratings. While hackers are having a global party with this zero-day vulnerability, Microsoft has decided to snooze on the sofa, labeling it a low threat. Maybe they think we all need a little excitement in our lives, or perhaps they just have a very different definition of “critical.” Either way, it seems like the hackers are the only ones sending out ‘thank you’ cards for this little oversight.
Key Points:
- Microsoft Windows has a zero-day vulnerability that, according to the Trend Micro Zero Day Initiative researchers who reported it, has been exploited by 11 state-sponsored groups since 2017.
- The flaw, ZDI-CAN-25373, lets attackers hide malicious command-line arguments inside .LNK shortcut files by padding them with whitespace characters, so the Windows Properties dialog cannot be trusted to show what a shortcut will actually run.
- Roughly 1,000 malicious shortcut samples linked to groups such as Evil Corp and Kimsuky have been found abusing the flaw.
- Targets include governments and organizations across the US, Canada, Russia, and more.
- Microsoft has classified the issue as low severity and has not committed to a patch, so defenders are left with detection and user-level mitigations for now.
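Since the Properties dialog is exactly what the technique fools, the practical check is to parse the shortcut yourself and look at the COMMAND_LINE_ARGUMENTS field directly. The following Python is an added example written for this page, not code from the original article or from Trend Micro: it parses the fixed header and StringData section of the Shell Link format (the MS-SHLLINK layout of header, optional LinkTargetIDList, optional LinkInfo, then the string fields) and flags arguments that contain a long run of whitespace. The two sample .LNK files, the padding mix, and the 16-character threshold are all constructed here for illustration; real samples will also carry an ID list, link info and extra data blocks, which the parser skips or does not need.

```python
import struct

# Whitespace characters the padding may use (assumption for this example:
# space, tab, line feed, vertical tab, form feed, carriage return).
PADDING = set(" \t\n\v\f\r")

# LinkFlags bits from the Shell Link header (MS-SHLLINK 2.1.1).
HAS_LINK_TARGET_ID_LIST = 0x01
HAS_LINK_INFO = 0x02
HAS_NAME = 0x04
HAS_RELATIVE_PATH = 0x08
HAS_WORKING_DIR = 0x10
HAS_ARGUMENTS = 0x20
HAS_ICON_LOCATION = 0x40
IS_UNICODE = 0x80

# Fixed LinkCLSID {00021401-0000-0000-C000-000000000046} as stored on disk.
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")

def parse_lnk_strings(data: bytes) -> dict:
    """Return the StringData fields (name, relative_path, working_dir,
    arguments, icon_location) that are present in a .LNK file."""
    if len(data) < 0x4C or struct.unpack_from("<I", data, 0)[0] != 0x4C \
            or data[4:20] != LNK_CLSID:
        raise ValueError("not a Shell Link file")
    flags = struct.unpack_from("<I", data, 0x14)[0]
    off = 0x4C                                   # end of the fixed header
    if flags & HAS_LINK_TARGET_ID_LIST:
        off += 2 + struct.unpack_from("<H", data, off)[0]   # IDListSize + IDList
    if flags & HAS_LINK_INFO:
        off += struct.unpack_from("<I", data, off)[0]       # LinkInfoSize covers itself
    fields = {}
    order = ((HAS_NAME, "name"), (HAS_RELATIVE_PATH, "relative_path"),
             (HAS_WORKING_DIR, "working_dir"), (HAS_ARGUMENTS, "arguments"),
             (HAS_ICON_LOCATION, "icon_location"))
    for flag, name in order:
        if not flags & flag:
            continue
        count = struct.unpack_from("<H", data, off)[0]      # CountCharacters, no NUL
        off += 2
        if flags & IS_UNICODE:
            fields[name] = data[off:off + 2 * count].decode("utf-16-le")
            off += 2 * count
        else:
            fields[name] = data[off:off + count].decode("cp1252", errors="replace")
            off += count
    return fields

def longest_whitespace_run(s: str) -> int:
    """Length of the longest contiguous run of padding characters in s."""
    best = cur = 0
    for ch in s:
        cur = cur + 1 if ch in PADDING else 0
        best = max(best, cur)
    return best

def scan_lnk(data: bytes, threshold: int = 16) -> dict:
    """Summarise a shortcut and flag argument padding longer than threshold
    (threshold is an assumed tuning value; benign shortcuts rarely exceed it)."""
    fields = parse_lnk_strings(data)
    args = fields.get("arguments", "")
    run = longest_whitespace_run(args)
    return {
        "relative_path": fields.get("relative_path", ""),
        "visible_arguments": args.strip(),
        "arguments_length": len(args),
        "max_whitespace_run": run,
        "suspicious": run >= threshold,
    }

def build_lnk(relative_path: str, arguments: str) -> bytes:
    """Construct a minimal Unicode .LNK (sample data for this example only)."""
    flags = HAS_LINK_TARGET_ID_LIST | HAS_RELATIVE_PATH | HAS_ARGUMENTS | IS_UNICODE
    header = struct.pack("<I16sIIQQQIIIHHII", 0x4C, LNK_CLSID, flags, 0x80,
                         0, 0, 0, 0, 0, 1, 0, 0, 0, 0)   # times/size zero, SW_SHOWNORMAL
    id_list = struct.pack("<H", 2) + b"\x00\x00"          # empty IDList: TerminalID only
    def ustr(s):
        return struct.pack("<H", len(s)) + s.encode("utf-16-le")
    return header + id_list + ustr(relative_path) + ustr(arguments)

# Constructed samples: a normal shortcut and one whose real command is pushed
# out of the visible Target field by 900 whitespace characters.
BENIGN_LNK = build_lnk(r"..\..\Windows\System32\notepad.exe", "readme.txt")
PAD = " " * 600 + "\t\n\v\f\r" * 60
PADDED_LNK = build_lnk(r"..\..\Windows\System32\cmd.exe", PAD + "/c echo hidden")

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN_LNK), ("padded", PADDED_LNK)):
        print(label, scan_lnk(blob))
```

Point `scan_lnk` at the bytes of any shortcut pulled from a mailbox or a triage share; the `max_whitespace_run` value is the signal, and `visible_arguments` shows what the dialog was hiding.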