They finally did it. Microsoft has successfully over-engineered a text editor into a threat vector.
This CVE is an 8.8 severity RCE in Notepad of all things.
Apparently, the “innovation” of adding markdown support came with the ability of launching unverified protocols that load and execute remote files.
We have reached a point where the simple act of opening a .md file in a native utility can compromise your system.
WordPad writes fairly clean rtf. Word writes incredibly bloated messy rtf. No, I don’t want to use a .docx or .pdf generating library, I just wanna slap some strings together and have it come out ready to print yet editable by non techy users. I use wordpad to write my templates.