There is a recently identified security vulnerability in the Microsoft Notepad application included with Windows 11. Modern versions of Notepad allow formatted text features that support clickable links within documents. In certain situations, clicking one of these links could trigger harmful behavior, potentially leading to malicious software being downloaded or run.
This does not mean Notepad itself is dangerous — rather, attackers may try to exploit how links are handled when users open and interact with untrusted files.
More Information
Microsoft has identified and patched the vulnerability. It involves support for a language called Markdown, which is a common markup language used to format text for websites and documentation. You can think of Markdown as a kind of shorthand that lets writers add simple formatting — including links — without needing complex tools.
An attacker could distribute a text file that appears harmless — instructions, notes, or documentation — but contains a disguised link. If clicked, that link might:
- Open a website designed to infect the computer
- Download malicious software
- Launch another application
- Or attempt to take advantage of additional weaknesses in the system
Microsoft refers to this type of issue as a Remote Code Execution (RCE) vulnerability. In plain terms, this means software could run on your computer in a way you did not intend. Possible outcomes range from nuisance to serious compromise, including:
- Ransomware infections
- Data theft
- Password harvesting
- Remote control of the computer
- Enrollment into bot networks used for attacks
Most modern attacks rely on tricking users into clicking something that looks legitimate, rather than silently breaking into a system.
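The disguised-link pattern described above can be checked for before anyone clicks. The following Python script is an added example (it is not Microsoft's code and not how Notepad's own warning works): it lists Markdown links whose target is not an ordinary web address, or whose visible text shows one site while the link goes to another. It assumes only http and https links are expected in a shared text file; the sample text and the `exampleapp` scheme are constructed.

```python
import re
from urllib.parse import urlsplit

# Inline Markdown link: [visible text](target "optional title")
LINK_RE = re.compile(r'\[([^\]]*)\]\(\s*<?([^)\s>]+)>?[^)]*\)')
WEB_SCHEMES = {"http", "https"}  # assumption: only web links are expected


def host_of(value):
    """Return the lowercase host if value looks like a web address, else None."""
    candidate = value.strip()
    if "://" not in candidate:
        if not re.match(r'^[\w-]+(\.[\w-]+)+(/|$)', candidate):
            return None
        candidate = "https://" + candidate
    host = urlsplit(candidate).hostname
    return host.lower() if host else None


def audit_markdown(text):
    """Return (line_number, target, reason) for each link worth a second look."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for label, target in LINK_RE.findall(line):
            scheme = urlsplit(target).scheme.lower()
            if scheme not in WEB_SCHEMES:
                reason = f"non-web scheme '{scheme}'" if scheme else "no scheme (relative or local target)"
                findings.append((lineno, target, reason))
                continue
            shown, actual = host_of(label), urlsplit(target).hostname
            if shown and actual and shown != actual.lower():
                findings.append((lineno, target, f"text shows {shown}, link goes to {actual.lower()}"))
    return findings


# Constructed sample file contents (not taken from any real incident).
SAMPLE = """# Setup notes
Read the [documentation](https://docs.example.com/setup) first.
Then sign in at [https://portal.example.com](https://login.example.net/auth).
Finally [open the helper](exampleapp://start).
"""

if __name__ == "__main__":
    for lineno, target, reason in audit_markdown(SAMPLE):
        print(f"line {lineno}: {target} -> {reason}")
```

A file that produces no findings can still link to a harmful website, so this is a first look and not a replacement for the updates described below.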
How to Avoid
Microsoft has released an update for Notepad that adds warnings when links point somewhere unexpected. The affected release is Notepad version 11.2510, and patched versions are distributed through the Microsoft Store. Windows 11 normally installs these updates automatically.
To stay protected:
- Make sure Windows Updates are enabled
- Make sure Microsoft Store app updates are enabled
- Avoid opening files from unknown sources
- Be cautious when clicking links inside any document — even simple text files
You can verify update settings here:
If you are unsure how to check or configure these settings, feel free to call Kayla for assistance.