Hacker News
by jcarrano 3 days ago
How is this supposed to be zero-click? All attack scenarios require either the attacker to modify configuration files, or the user to click on a malicious shortcut.
2 comments

> either the attacker to modify configuration files, or the user to click on a malicious shortcut.

Don't you mean "x and y" instead of "either x or y"?

It's not triggered by a default-configured shortcut; you need both a modification of the shortcuts definition file and the target user to trigger it. Notably, modifying the shortcuts definition file requires a permission level equal to or higher than the user has.

No interaction needed from the user, presuming the attacker can already modify files and execute commands!