Beep@lemmus.org to Technology@lemmy.worldEnglish · 19 hours agoWindows Notepad App Remote Code Execution Vulnerabilitynews.ycombinator.comexternal-linkmessage-square14fedilinkarrow-up1116arrow-down13
arrow-up1113arrow-down1external-linkWindows Notepad App Remote Code Execution Vulnerabilitynews.ycombinator.comBeep@lemmus.org to Technology@lemmy.worldEnglish · 19 hours agomessage-square14fedilink
minus-square_edge@discuss.tchncs.delinkfedilinkEnglisharrow-up3·7 hours agoIs there a non-sense free description. So far, i learned that notepad can open links from Markdown. I assume Markdown calls some Windows API open(link) where link is any string. That’s hardly a vulnerability by itself, that’s working as designed. Where does the code execution happen? Is it open(https://hackersite.com/exploite.exe)? Can’t be. They’re not that stupid. Is it open(file:///PowerShell.exe?atbitaryCodeHere)? Who would allow this? Or open(teams://magic/doThing)? This sounds like trying to blame notepad (and by proxy all app developers) for a design flaw in the ecosystem
Is there a non-sense free description.
So far, i learned that notepad can open links from Markdown. I assume Markdown calls some Windows API open(link) where link is any string. That’s hardly a vulnerability by itself, that’s working as designed.
Where does the code execution happen? Is it open(https://hackersite.com/exploite.exe)? Can’t be. They’re not that stupid.
Is it open(file:///PowerShell.exe?atbitaryCodeHere)? Who would allow this?
Or open(teams://magic/doThing)?
This sounds like trying to blame notepad (and by proxy all app developers) for a design flaw in the ecosystem