Dima Lenz

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to the February 2024 patch update are affected, including Windows 10 and Windows 11. **Description** The vulnerability is related to Internet Shortcut Files and allows attackers to bypass Microsoft Defender SmartScreen, enabling them to execute arbitrary code on affected systems. This issue has been exploited by the Water Hydra APT group, targeting financial traders. The attackers use specially crafted files to bypass security warnings, leading to the installation of malware such as DarkMe. Phishing emails are a common threat vector used in these attacks. **Recommendations** To resolve the issue, apply the February 2024 patch update or later to your Microsoft Windows system. Ensure that your Windows operating system is up-to-date to protect against this vulnerability. As a temporary workaround, consider restricting access to Internet Shortcut Files and avoiding the use of suspicious links or files from untrusted sources until the patch is applied.