FILE Microsoft Windows Internet Shortcut Point to Location with UNC or Remote Path

Rule ID

1233205

Severity

High

Description

A security feature bypass vulnerability has been reported in Microsoft Windows. This vulnerability is due to improper handling of Internet Shortcuts. A remote attacker could exploit this vulnerability by enticing a target user to open a crafted shortcut or visit a malicious link. Successful exploitation could result in spoofing, the bypass of SmartScreen security warnings or the disclosure of a targeted user's NTLM hash.

Impact

Privilege escalation

Recommendation

Update vendor's patch.

IPS Category

Exploits

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2025-21377

CVE-2023-32046

CVE-2023-36025

CVE-2024-21412

CVE-2024-43451

T1078

T1021.002

T1550.002

T1649

Keywords

Windows Server 2008, Windows Server 2012, Windows Server 2016, Windows Server 2019

Date Created

2023/07/12

Last Updated

2026/01/19

This website uses cookies to ensure you get the best experience on our website.