Bleeping Computer

Windows 11 Notepad flaw let files execute silently via Markdown links

Microsoft has fixed a "remote code execution" vulnerability in Windows 11 Notepad that allowed attackers to execute local or remote programs by tricking users into clicking specially crafted Markdown ...
TechRadar

Microsoft patches concerning Windows 11 Notepad security flaw - Markdown issues could have ...

Microsoft patches Windows 11 Notepad RCE flaw CVE-2026-20841 Vulnerability exploited Markdown links to execute malicious code with user permissions Patch Tuesday update fixes issue; versions 11.2510 ...
The Verge

Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. is ...
ExtremeTech

Microsoft Fixes Windows 11 Bug That Let Attackers Run Remote Code in Notepad

Share on Facebook (opens in a new window) Share on X (opens in a new window) Share on Reddit (opens in a new window) Share on Hacker News (opens in a new window) Share on Flipboard (opens in a new ...
来自MSN

Notepad's new Markdown powers served with a side of remote code execution

Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be abused to achieve remote code execution (RCE).… Tracked as CVE-2026-20841 (8.8), the ...
PC Magazine

Bloat Risk? Microsoft's Notepad Upgrade Also Introduced a Vulnerability

Bloat Risk? Microsoft's Notepad Upgrade Also Introduced a Vulnerability The flaw exploits Notepad’s recently added support for Markdown, a formatting language used on websites and in files, to run ...
TweakTown

Extra features for Windows 11 Notepad go beyond worries about bloat, as new security flaw shows

TL;DR: Windows 11's Notepad app has a security flaw rated as a 'high' severity vulnerability, one that allows for remote code execution. The good news is that it's already been patched by Microsoft, ...
Ars Technica

Notepad++ users take note: It’s time to check if you’re hacked

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...
来自MSN

Notepad++ was hijacked by bad actors in 2025. Here's what you need to know.

Notepad++, one of the most popular alternatives to the native Notepad app in Windows 11, has today published on its website a security disclosure stating that the app was "hijacked by state-sponsored ...

WinUIpad: AI to the Rescue

With progress slowing to a crawl, I researched Windows App SDK alternatives and then started experimenting with AI pair programming.
TweakTown

Notepad++ hack detailed - and what to do if you think you might be affected

TL;DR: Notepad++ was compromised for six months, but it wasn't the software itself which the exploit leveraged, but its hosting provider. An investigation into the attack has just been concluded with ...