Microsoft is reportedly working on yet another "advanced" Notepad feature that has little to do with basic text editing.

PCWorld reports that Windows Notepad’s new Markdown support feature has introduced a serious remote code execution vulnerability with a high CVSS score of 8.8/7.7. The security flaw allows malicious ...

Microsoft patches CVE-2026-20841, a high-severity Windows Notepad flaw that could allow code execution via malicious Markdown ...

Notepad has quietly evolved over the past few years, and image support could mark its biggest shift yet, especially after Microsoft removed WordPad from Windows and left a gap for richer editing. The ...

Users could be tricked into running arbitrary code, but the issue was patched last week.

Why can't it just be a basic text editor?!

TL;DR: Notepad++ was compromised for six months, but it wasn't the software itself which the exploit leveraged, but its hosting provider. An investigation into the attack has just been concluded with ...

Notepad++ has adopted a "double-lock" design for its update mechanism to address recently exploited security gaps that ...

The recently compromised update mechanism for the popular open source text editor Notepad ++ has been hardened so it’s now ...

PCWorld reports that Notepad++’s WinGUp update system was compromised between June and December 2025, delivering malware through corrupted executables to targeted users. While the popular text editor ...

Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported that bad actors were hijacking its update mechanism to redirect traffic to ...