'Windows Shortcut Exploit' (also called CPLINK) is a vulnerability in all Windows versions that causes shortcut link on Windows to run malicious DLL file causing further harm to the system. Microsoft is working on fix for this issue, in the meantime you can check on this exploit using