An Interest In:
Web News this Week
- April 17, 2024
- April 16, 2024
- April 15, 2024
- April 14, 2024
- April 13, 2024
- April 12, 2024
- April 11, 2024
March 12, 2017 08:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/DBgowYpDV0E/notepad-update-fixes-cia-hacking-issue
Notepad Update Fixes 'CIA Hacking' Issue
Free software Notepad++ (released under the GNU General Public License) received a new update this week which was announced under the headline "Fix CIA Hacking Notepad++ Issue". The CIA documents in WikiLeaks' 'Vault 7' included a "Notepad++ DLL Hijack" document which affected the popular Windows editor for text and source code. "It's not a vulnerability/security issue in Notepad++, but for remedying this issue, from this release (v7.3.3) forward, notepad++.exe checks the certificate validation in scilexer.dll before loading it," reads the announcement. From the Notepad++ web site:If the certificate is missing or invalid, then it just won't be loaded, and Notepad++ will fail to launch.Checking the certificate of DLL makes it harder to hack. Note that once users' PCs are compromised, the hackers can do anything on the PCs. This solution only prevents from Notepad++ loading a CIA homemade DLL. It doesn't prevent your original notepad++.exe from being replaced by modified notepad++.exe while the CIA is controlling your PC. The update also includes "a lot of enhancements and bug-fixes," and if no critical issues are found, "Auto-updater will be triggered in few days."Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/DBgowYpDV0E/notepad-update-fixes-cia-hacking-issue
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot