Monday 13 March 2017

Notepad++ v7.3.3 fixes CIA hacking issue, update ASAP



If you prefer Notepad++ over other source code editor, it's time for an update. Wikileaks has revealed in its update : "Vault 7: CIA Hacking Tools Revealed" how CIA has hijacked scilexer.exe with their own modified copy on a compromised PC in Windows. The vulnerability or security issue is not with Notepad++ but Notepad++ has sent an update where Notepad++.exe checks for the certificate validation in scilexer.exe before loading it, and if the certificate is missing or invalid, then it won't be loaded and Notepad++ fails to launch. 

This vulnerability fix is mainly for Windows OS and not for Linux. There are other bug fixes and enhancements for which you will need to update to v7.3.3.

Notepad++ v7.3.3 bug-fixes and enhancements:



  • Fix CIA Hacking Notepad++ issue (https://wikileaks.org/ciav7p1/cms/page_26968090.html).
  • Fix mouse wheel to task list scroll crash bug.
  • Fix flickering issue while switching back after modifying or deleting a document from outside.
  • Support Motorola S-Record, Intel and Tektronix extended hex file formats.
  • Improve multi-line tab: maintaining the selected tab position.
  • Fix add char into word char list bug.
  • Add Shift+Enter in Find dialog for searching in the opposite direction.
  • Fix a regression that delimiter settings is not retained correctly.
  • Add clear command button in shortcut mapper.
  • Enhancement: file extension supported in Load/Save Session dialog if a session file extension is set.


Notepad++ team issues the warning along with the update which I quote: 

Just like knowing the lock is useless for people who are willing to go into my house, I still shut the door and lock it every morning when I leave home. We are in a f**king corrupted world, unfortunately.

It's really a serious issue where a Government organisation is trying to record and analyse (without permission) everything you type. They may not (I assume) be interested in your coding skills or the blog posts I type in my Notepad++ but by hacking the scilexer.exe, it stops any red flags while the infected DLL does data collection in the background. 

If you are Windows user, I would suggest you to immediately update to v7.3.3 and if you are on Linux, you can still update Notepad++ for a better performance. 

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)