this post was submitted on 12 Feb 2026
313 points (98.5% liked)

Technology

81078 readers
4048 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
313
Microsoft's Notepad Got Pwned (They Added AI To It, So...) (foss-daily.org)
submitted 1 day ago by themachinestops@lemmy.dbzer0.com to c/technology@lemmy.world
38 comments fedilink hide all child comments
 

Remember when Notepad was just… Notepad? A simple text editor nobody asked to be modernized?

Yeah, Microsoft didn’t care either. They bolted on Markdown support and AI features anyway. And now we’ve got CVE-2026-20841. Remote code execution. Via a text file. This is the kind of thing that makes you go “oh come on, really?”

you are viewing a single comment's thread
view the rest of the comments
[–] khapyman@sopuli.xyz 15 points 1 day ago (1 children)

As I'm in no position to demand company wide switch to a sane operating system I'm constantly in awe of new and innovative ways Microsoft has managed to make my day suck. One such thing is that they have decided that Win 11 Notepad will convert everything it touches to UTF-16. That's kind of a problem when an external system expects ISO-8859-15 and users have decades of experience in editing said config files with Notepad.

[–] random_character_a@lemmy.world 2 points 1 day ago* (last edited 1 day ago) (1 children)

For some reason I have a vague memory that the old notepad is still there. You just need to do a extra loop to start it. I'll check if I can find the link.

It's been a while and I'm a Linux user, so I didn't really pay attention.

Edit: It's in the system32 folder

[–] khapyman@sopuli.xyz 9 points 1 day ago (1 children)

That's pretty much the problem. You know how to work around the issue. I know how to work around the issue. Institutional knowledge doesn't and just opens the application just like they've always done. I resolved this one by associating .csv files with Notepad++ company wide. Now this is a mandated change so they'll grumble and get on track.

The real issue I have with all this is changing data without consent. It's like the new Notepad is malware all by itself, doesn't even need remote exploits.

And hello fellow Linux user :)

[–] vala@lemmy.dbzer0.com 3 points 21 hours ago (1 children)

Wasn't notepad++ just compromised in a pretty major way?

[–] random_character_a@lemmy.world 2 points 11 hours ago

I understood that it wasn't notepad++ software itself, but some foreign actor did some high level shit on the update channels of their platform.