Windows Notepad App Remote Code Execution Vulnerability

Windows Notepad App Remote Code Execution Vulnerability(msrc.microsoft.com)

23 points by dunder_cat 96 days ago | 4 comments

You can uninstall the AI-RCE version of Notepad from Apps - Settings to revert to the stock version.

Giveth the state of things lately, I'm anxiously waiting for someone to confirm that the latest OS updates have removed this ability..

ycui1986 96 days ago |

it is bizarre that a notepad app can have remote code execution. how much unnecessary function did MS add to get to this point?

wtallis 96 days ago | |

Things started to go downhill when it stopped being a .exe in System32 and started being distributed through the MS Store. They've escalated from spell check and tabs to full rich text formatting (remember WordPad?) and Copilot. But this vulnerability stems from links in Markdown documents, so I guess they're well on their way to embedding most of a web browser as they rediscover all the security implications.

hulitu 96 days ago |

> Windows Notepad App Remote Code Execution Vulnerability

> Max Severity: Important

ROTFL. Can Microsoft get any lower than this ? "Yes they can"™