As you maybe have heard already. There is a shell exploit that is executed when Windows shows just the icon from a link file. MS works on it but currently you can only remove the icon handler key from the registry to be “safe”. See this link. It also tells us the impact of the action. ...
More...