You can infect your PC with malware without ever leaving Notepad, thanks to recent updates and additions. Hooray.

According to Microsoft's release notes, the update fixes 25 elevation of privilege flaws, 12 remote code execution ...

High-severity flaw fixed in Windows 11 Notepad ...

A command injection flaw in the Windows Notepad App now gives remote attackers a path to execute code over a network, turning one of the most familiar programs on any PC into a potential entry point ...

The vulnerability comes from the way Notepad handles Markdown hyperlinks. Attackers craft malicious .md files with embedded ...

Microsoft has fixed a serious security vulnerability affecting Markdown files in Notepad. In the company’s Tuesday patch ...

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

TypeScript 6.0 is intended to be the last release based on the current JavaScript codebase, before a Go-based compiler and language service debuts in TypeScript 7.0.

The flaw exploits Notepad’s recently added support for Markdown, a formatting language used on websites and in files, to run malicious code on a Windows PC.

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install February 2026 updates to block exploits.