Notepad++ v8.5.6 still vulnerable to possible arbitrary code execution
securitylab.github.comI think that N++ is a one-programmer project.
Don Ho seems like a really cool guy.
I hope he is able to get the patch Incorporated, because it sounds like the security team provided one.
Thanks Don, for your work; and thanks Jaroslav, for the security discovery.
He was an asshole when I once requested a feature to color the lines white, which appear when folding code.
A specially crafted malicious file when opened by Notepad++ may be able to execute arbitrary code on the victim's computer, without any further interaction, aside from opening the malicious file.