MICROSOFT ADDED AI TO NOTEPAD HACKERS HAD A FIELD

Even Microsoft’s Notepad app, once a simple tool for jotting down plain text notes, has become an AI-powered security risk.

Researchers from the group VX-Underground discovered a “remote code execution zero-day,” a vulnerability unknown even to Microsoft.

According to Microsoft documentation of the bug, “improper neutralization of special elements used in a command (‘command injection’) in Windows Notepad App allows an unauthorized attacker to execute code over a network.”

“An attacker could trick a user into clicking a malicious link inside a Markdown file opened in Notepad, causing the application to launch unverified protocols that load and execute remote files”

Microsoft later fixed the vulnerability affecting Markdown files in Notepad.

URL: https://pakwap.com/articles/14