Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Microsoft has fixed a serious security vulnerability affecting Markdown files in Notepad. In the company’s Tuesday patch notes, Microsoft says a bad actor could carry out a remote code execution ...
WinBuzzer

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install ...

Windows Notepad is now complex enough to have a serious security flaw

You can infect your PC with malware without ever leaving Notepad, thanks to recent updates and additions. Hooray.
PCMag

Bloat Risk? Microsoft's Notepad Upgrade Also Introduced a Vulnerability

The flaw exploits Notepad’s recently added support for Markdown, a formatting language used on websites and in files, to run malicious code on a Windows PC.