Comment on Notepad++ updater installed malware
smeg@infosec.pub 3 weeks ago
tl;dr A network operator can perform a MitM attack on the built-in updater, telling it a new version is available at <malware URL> and then downloading and running the malware
HaraldvonBlauzahn@feddit.org 3 weeks ago
I would doubt that the average self-updating Windows program has better security.