Microsoft fixes Notepad flaw that would trick customers into clicking malicious Markdown hyperlinks


Microsoft has mounted a severe safety vulnerability affecting Markdown recordsdata in Notepad. Within the firm’s Tuesday patch notes, Microsoft says a nasty actor may perform a distant code execution assault by tricking customers “into clicking a malicious hyperlink inside a Markdown file opened in Notepad,” as reported earlier by The Register.

Clicking the hyperlink would “launch unverified protocols,” permitting attackers to remotely load and execute malicious recordsdata on a sufferer’s laptop, based on the patch notes. Microsoft says there isn’t any proof of attackers exploiting the Notepad vulnerability (CVE-2026-20841) within the wild, nevertheless it issued a repair for the flaw in its Tuesday patch.

Microsoft initially added assist for Markdown, a plaintext formatting language, to Notepad on Home windows 11 final Might. The transfer contributed to criticism that Microsoft is filling its working system with bloatware, together with by stuffing new options and AI capabilities into apps like Notepad and Paint.

Notepad isn’t the one textual content editor that has confronted safety points not too long ago, because the third-party Notepad++ app disclosed that some customers could have downloaded a malicious replace linked to Chinese language state-sponsored attackers.



Source link

Related articles

Sony Launches $120 In-Ear Displays For Execs

The IER-M500 earphones have been designed for match and luxury throughout stage put on. ...

The Actual Motive Your Content material Sounds Generic, and Why AI Is not the Drawback

The commonest query organizations are asking proper now's some model of this: How will we make our AI-generated content material sound much less like AI? Organizations are investing in voice coaching, customized model guides,...

IG Markets South Africa CEO Joins Investec Following Workplace Closure

Aphindile AB Bokleni has stepped down as Chief Govt Officer of IG Markets South Africa and joined Investec's Prime Providers division, in keeping with an replace on his LinkedIn profile.The transfer comes months after IG Group closed its...

Dogecoin Eyes $0.12 As Merchants Look For A Cleaner Breakout Sign

Dogecoin is again in a well-recognized place: shut sufficient to a breakout degree to get merchants , however not far sufficient by means of it to make the transfer really feel settled. The...

Medtronic: A Close to Decade Excessive Dividend For This Aristocrat (NYSE:MDT)

This text was written byObserveBrett Ashcroft-Inexperienced, CFP® is a CERTIFIED FINANCIAL PLANNER™ skilled and fee-only fiduciary. He's the proprietor and lead advisor at Ashcroft Inexperienced Advisors.Brett writes on In search of Alpha about...
spot_img

Latest articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

WP2Social Auto Publish Powered By : XYZScripts.com