A number of buffer overflow zero-days have been fixed in Notepad++ version 8.5.7, one of which has been flagged as potentially resulting in code execution by misleading users into opening specially created files. Over the past few months, security researcher Jaroslav Lobaevski from GitHub informed the developers of the flaws in Notepad++ version 8.5.2.
Popular free source code editor Notepad++ includes productivity-boosting features like multi-tabbed editing and syntax highlighting in addition to supporting a wide range of programming languages. The researcher’s public alert also contains proof-of-concept attacks for these issues, thus it is crucial that users update the program right now.