Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

Windows 11 Notepad flaw let files execute silently via Markdown links

Microsoft has fixed a "remote code execution" vulnerability in Windows 11 Notepad that allowed attackers to execute local or ...

Unwanted AI upgrade to Windows Notepad created a serious security flaw

According to Microsoft's release notes, the update fixes 25 elevation of privilege flaws, 12 remote code execution ...

Notepad gets a GitHub‑driven revival of the classic Windows version

Notepad has lately fallen out of favor with a lot of Windows users. I stumbled on a new open-source alternative that you might enjoy instead.
WinBuzzer

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install ...