HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Windows Notepad App Remote Code Execution Vulnerability(msrc.microsoft.com)

23 points·by dunder_cat·قبل 5 أشهر·4 comments
msrc.microsoft.com
Windows Notepad App Remote Code Execution Vulnerability

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20841

4 comments

x______________·قبل 5 أشهر
You can uninstall the AI-RCE version of Notepad from Apps - Settings to revert to the stock version.

Giveth the state of things lately, I'm anxiously waiting for someone to confirm that the latest OS updates have removed this ability..
hulitu·قبل 5 أشهر
> Windows Notepad App Remote Code Execution Vulnerability

> Max Severity: Important

ROTFL. Can Microsoft get any lower than this ? "Yes they can"™
ycui1986·قبل 5 أشهر
it is bizarre that a notepad app can have remote code execution. how much unnecessary function did MS add to get to this point?
wtallis·قبل 5 أشهر
Things started to go downhill when it stopped being a .exe in System32 and started being distributed through the MS Store. They've escalated from spell check and tabs to full rich text formatting (remember WordPad?) and Copilot. But this vulnerability stems from links in Markdown documents, so I guess they're well on their way to embedding most of a web browser as they rediscover all the security implications.