Why does the notepad app do anything but edit text?
Windows Notepad App Remote Code Execution Vulnerability
Submitted 3 weeks ago by Beep@lemmus.org to technology@lemmy.world
https://news.ycombinator.com/item?id=46971516
Comments
hperrin@lemmy.ca 3 weeks ago
Venator@lemmy.nz 3 weeks ago
Feature creep.
RickyRigatoni@piefed.social 3 weeks ago
Creature feep
MonkderVierte@lemmy.zip 3 weeks ago
Well, it was bad at that too.
x00z@lemmy.world 3 weeks ago
I hate the absolute misuse of the RCE definition. An RCE used to not have any user interaction.
Fokeu@lemmy.zip 3 weeks ago
Damn poor windows users… Just kidding lmao
just_another_person@lemmy.world 3 weeks ago
Jesus, WOW
_edge@discuss.tchncs.de 2 weeks ago
Is there a non-sense free description.
So far, i learned that notepad can open links from Markdown. I assume Markdown calls some Windows API open(link) where link is any string. That’s hardly a vulnerability by itself, that’s working as designed.
Where does the code execution happen? Is it open(hackersite.com/exploite.exe)? Can’t be. They’re not that stupid.
Is it open(file:///PowerShell.exe?atbitaryCodeHere)? Who would allow this?
Or open(teams://magic/doThing)?
This sounds like trying to blame notepad (and by proxy all app developers) for a design flaw in the ecosystem
MonkderVierte@lemmy.zip 3 weeks ago
[deleted]Chronographs@lemmy.zip 2 weeks ago
Well notepad++ hasn’t been looking great notepad-plus-plus.org/…/hijacked-incident-info-up…
MonkderVierte@lemmy.zip 3 weeks ago
Btw, ycombinator supports no activitypub? I think it would fit well.
infeeeee@lemmy.zip 3 weeks ago
TIL notepad can render markdown
7isanoddnumber@sh.itjust.works 2 weeks ago
The addition of markdown support is what opened this vulnerability, iirc.