Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Microsoft has fixed a critical vulnerability affecting Markdown files in Notepad. in The company’s patch notes on TuesdayMicrosoft says a nefarious actor could carry out a remote code execution attack by tricking users into “clicking on a malicious link within a Markdown file open in Notepad.” I mentioned it earlier before Record.
Clicking on the link will “launch unverified protocols,” allowing attackers to upload and remotely execute malicious files on the victim’s computer, according to the patch notes. Microsoft says there is no evidence of attackers exploiting the Notepad vulnerability (CVE-2026-20841) in the wild, but released a fix for the bug in Patch Tuesday.
Microsoft first Additional support Markdown, a plain text formatting language, came to Notepad on Windows 11 last May. This step contributed to Criticism of Microsoft It fills its operating system with bloatware, including by stuffing new features and AI capabilities into it Applications such as Notepad and paint.
Notepad isn’t the only text editor to have encountered security issues recently. As a third-party Notepad++ application It revealed that some users may have downloaded a malicious update linked to Chinese state-sponsored attackers.