Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Published: 3 days ago (February 11, 2026 at 01:06 PM EST)

1 min read

Source: The Verge

Microsoft patches critical Notepad Markdown vulnerability

Microsoft has released a fix for a serious security vulnerability affecting Markdown files in Notepad. In the Tuesday patch notes, the company explained that a malicious actor could execute remote code by tricking users into clicking a malicious link inside a Markdown file opened in Notepad, as previously reported by The Register.

Clicking the link would “launch unverified protocols,” allowing attackers to remotely load and execute malicious files on a victim’s computer. The vulnerability is identified as CVE‑2026‑20841. Microsoft stated that there is no evidence of the vulnerability being exploited in the wild, but it issued a patch to address the issue.

Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Microsoft patches critical Notepad Markdown vulnerability

Related posts

Windows 11 Notepad Flaw Let Files Execute Silently via Markdown Links

Windows 11 Notepad flaw let files execute silently via Markdown links

Windows Notepad App Remote Code Execution Vulnerability

Check for Windows 11 updates. Microsoft just patched a major Notepad vulnerability.