Comment on A remote code execution vulnerability has been found in Microslop Notepad
Liketearsinrain@lemmy.ml 1 week agoI have a pretty good guess. They were using ShellExecute or a similar API with only "notepad” as a name or “edit” as a verb. The search order would end up finding your shortcut first.
This would be odd behavior (the path should be be the full path and start at system32) but I don’t have IE6 and Windows 95 to find the exact API lol.
ChickenLadyLovesLife@lemmy.world 1 week ago
Sure, but in my case “Notepad” was a shortcut to actual Notepad.exe. It still should have worked.
bitjunkie@lemmy.world 1 week ago
iirc .lnk files didn’t pass along params to the actual executable, at least not in 9x
src: first tech job was at a MS silver partner in the 90s