Beep@lemmus.org to Technology@lemmy.worldEnglish · 1 day agoWindows Notepad App Remote Code Execution Vulnerabilitynews.ycombinator.comexternal-linkmessage-square13fedilinkarrow-up1123
arrow-up1123external-linkWindows Notepad App Remote Code Execution Vulnerabilitynews.ycombinator.comBeep@lemmus.org to Technology@lemmy.worldEnglish · 1 day agomessage-square13fedilink
minus-square_edge@discuss.tchncs.delinkfedilinkEnglisharrow-up4·24 hours agoIs there a non-sense free description. So far, i learned that notepad can open links from Markdown. I assume Markdown calls some Windows API open(link) where link is any string. That’s hardly a vulnerability by itself, that’s working as designed. Where does the code execution happen? Is it open(https://hackersite.com/exploite.exe)? Can’t be. They’re not that stupid. Is it open(file:///PowerShell.exe?atbitaryCodeHere)? Who would allow this? Or open(teams://magic/doThing)? This sounds like trying to blame notepad (and by proxy all app developers) for a design flaw in the ecosystem
Is there a non-sense free description.
So far, i learned that notepad can open links from Markdown. I assume Markdown calls some Windows API open(link) where link is any string. That’s hardly a vulnerability by itself, that’s working as designed.
Where does the code execution happen? Is it open(https://hackersite.com/exploite.exe)? Can’t be. They’re not that stupid.
Is it open(file:///PowerShell.exe?atbitaryCodeHere)? Who would allow this?
Or open(teams://magic/doThing)?
This sounds like trying to blame notepad (and by proxy all app developers) for a design flaw in the ecosystem