+- Geeks for your information (https://www.geeks.fyi)
+-- Forum: News (https://www.geeks.fyi/forumdisplay.php?fid=105)
+--- Forum: Microsoft Windows News (https://www.geeks.fyi/forumdisplay.php?fid=32)
+--- Thread: Windows 11 Notepad Bug Let Markdown Links Run Files Without Warning (/showthread.php?tid=21588)
Windows 11 Notepad Bug Let Markdown Links Run Files Without Warning - harlan4096 - 12 February 26
Quote:Microsoft has patched a high-severity security vulnerability in Windows 11 Notepad that allowed specially crafted Markdown links to launch local or remote programs - without triggering standard Windows security warnings.
The flaw tracked as CVE-2026-20841 was fixed as part of the February 2026 Patch Tuesday updates, which we release monthly.
While exploitation required a user to open a malicious Markdown file and click a link, the lack of any warning prompt made the issue especially dangerous.
What Went Wrong?
Notepad has evolved significantly since its debut in Windows 1.0. With Windows 11, Microsoft modernized the app by:Markdown support allows users to create formatted text and clickable links using simple syntax, such as:
- Adding Markdown support
- Enabling richer formatting features
- Retiring WordPad as the default RTF editor
However, researchers discovered that Notepad did not properly restrict non-standard protocols inside Markdown links.
**Bold text**[Example Link](https://example.com)
Continue Reading...