Are you among the numerous individuals and organizations who use Microsoft Notepad? According to researcher Tavis Ormandy, you're exposing yourself to a considerable security flaw.
SecurityWeek explains:
The researcher has only revealed so far that the vulnerability is a memory corruption and he posted a screenshot showing how he managed to “pop a shell in Notepad.” The screenshot apparently shows that the vulnerability has been exploited to spawn a Windows Command Prompt.
Several individuals have speculated on how the flaw may be triggered, but Ormandy has not released any information on the topic. He did, however, clarify that he has developed a “real exploit” for it.
