A newly discovered DLL hijacking vulnerability in Notepad++, the popular source code editor, could allow attackers to execute arbitrary code on a victim's machine.
At first I thought “oh, I wonder if my favourite text editor is affected by a similar bug, and I wonder what actions make it vulnerable.”.
Well, of turns out that the action that makes it vulnerable is installing separate malware with admin privileges. I will do my best to avert that danger, but I wouldn’t class “third party malware with admin privileges can replace part of this program with its own code” as a serious vulnerability in this software specifically.
At first I thought “oh, I wonder if my favourite text editor is affected by a similar bug, and I wonder what actions make it vulnerable.”.
Well, of turns out that the action that makes it vulnerable is installing separate malware with admin privileges. I will do my best to avert that danger, but I wouldn’t class “third party malware with admin privileges can replace part of this program with its own code” as a serious vulnerability in this software specifically.
What a silly article.