News

Notepad++ 8.5.7 available

The update fixes four vulnerabilities and is now proteted against malicious code attacks.

In the new version of the free text editor for Windows, the developer has fixed several security problems and Notepad++ is now protected against malicious code attacks.

Attackers can attack Windows systems on which the open source text editor Notepad++ is installed and, in the worst case, execute malicious code. A version that is protected against this, among other things, is now available for download.

As can be seen from a post by the developer, the current version 8.5.7 has fixed four vulnerabilities (CVE-2023-40031 high, CVE-2023-40036 medium, CVE-2023-40164 medium, CVE-2023 -40166 medium).

The conversion from UTF16 to UTF8 can cause memory errors, allowing malicious code to reach systems. To do this, a victim must open a crafted file.

Notepad++ v8.5.7 Change log

  • Fixed 4 security issues CVE-2023-40031, CVE-2023-40036, CVE-2023-40164 & CVE-2023-40166.
  • Security enhancement: Signed uninstall.exe.
  • Changed the slogan in installer.
  • Fixed eventual memory leak while reading Utf8-16 files.
  • Fixed dragging tab performance issue while Document List is displayed.
  • Added 2GB file warning option for x64.
  • Fixed cloned document disassociated issue after Notepad++ being relaunched.
  • Fixed session file saving problem if it is read-only.
  • Fixed activating wrong file(s) issue after loading session file.
  • Fixed product version value displayed in file's properties.

About Author

I am a technology writer for UpdateStar, covering software, security, and privacy as well as research and innovation in information security. I worked as an editor for German computer magazines for more than a decade before starting to be a team member at UpdateStar.

Next Article

Previous Article