Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Microsoft has fixed a serious security vulnerability affecting Markdown files in Notepad. In the company's Tuesday patch notes, Microsoft says a bad actor could carry out a remote code execution attack by tricking users "into clicking a malicious link inside a Markdown file opened in Notepad," as reported earlier by The Register.

Clicking the link would "launch unverified protocols," allowing attackers to remotely load and execute malicious files on a victim's computer, according to the patch notes.