They finally did it. Microsoft has successfully over-engineered a text editor into a threat vector.
This CVE is an 8.8 severity RCE in Notepad of all things.
Apparently, the “innovation” of adding markdown support came with the ability of launching unverified protocols that load and execute remote files.
We have reached a point where the simple act of opening a .md file in a native utility can compromise your system.
I’ve been a long time user of Notepad++ after Notepad started inserting random whitespace characters in files, which messed up some jankety scripting I was doing at the time. Do you happen to know if Metapad is good about not adding unintended characters like that?
I use EditPadLite and have done for a loong time. It has regex find and replace, is fast and you can tell it to display word wrapped or not, numbered lines or not, font, size, colours, syntax highlighting scheme, all based on file extensions. I have it as my default text editor and for all kinds of other files as well as text.
If I want to do major coding, I fire up the IDE and choose from my recent projects, but if I want to quickly edit some xml or a single source file, I double click it and edit it in EditPadLite.
Yes. Metapad is too dumb for that shit. By design.
It’s only barely smart enough to be better than Notepad.
It’s not smart enough to do anything dumb.
Its free, extremely mature, and you already know how to use it.
Metapad is a feature-for-feature drop-in replacement for Notepad.
I love this. Amazing quote
Thanks! I’ll check it out 🍻