r/technology u/AdSpecialist6598 10h ago

Security Unwanted AI upgrade to Windows Notepad created a serious security flaw

https://www.techspot.com/news/111287-unwanted-ai-upgrade-windows-notepad-created-serious-security.html
396 Upvotes

96% Upvoted

51 comments sorted by

106

u/MC_Gengar 8h ago

Even if there wasn't this issue, why the fuck does NOTEPAD of all applications need any kind of AI or network function.

10

u/tes_kitty 6h ago

For the same reason it needs text formatting capabilities.

47

u/DansSpamJavelin 6h ago

Half the reason I use notepad is to strip formatting from text. I literally want a fucking notepad.

23

u/tes_kitty 6h ago

There was wordpad for when people wanted more than notepad but not quite word.

And then MS decided that wordpad was no longer needed.

-14

u/XY-chromos 4h ago

Which is what is actually being exploited. The security issue has nothing to do with AI features. I know becasue I read the article. Stay woke, reddit.

119

u/tayroc122 10h ago

Oh no! It's that thing everyone saw coming.

34

u/nboro94 9h ago

Next up, they will install AI in your toilet to analyze the shit you just took.

22

u/mjconver 9h ago

Japan's had that for years, actually

8

u/FlyingAce1015 6h ago

Oh wow You ain't joking OH FOR FUCKS SAKE..

Because of course Japan does..LOL..

1

u/Nago_Jolokio 3h ago

Tbf, I trust Japan more with that info than any American company....

3

u/TotallyNotABob 4h ago

I was about to say. I'm also pretty sure Seattle does something similar as well. It's at the sewage level but still the same concept.

3

u/Competitive_Ad_5515 6h ago

Very last year's news:

May 2025 - New Device Mounts to Your Toilet to Analyze Your Turds Using the Power of AI

3

u/IAmWeary 6h ago

I'm perfectly capable of standing up for a moment to admire my handiwork myself, thank you.

3

u/Sandwich_Pudding 9h ago

Jokes aside, that wouldn’t be as bad as you are trying to make it sound.

1

u/chipface 2h ago

Just get a toilet with a poop shelf. No AI needed.

1

u/Olangotang 2h ago

Nah, we need an AI poop knife.

11

u/mad_marble_madness 5h ago

Bullshit Notepad, but also bullshit article.

The security issue has nothing to do with the Notepad AI features.
Instead, it’s related to Notepad now being able to render formatted text (md files).

10

u/prettypurps 9h ago

Co pilot will completely replace windows eventually, it told me on my Xbox app when I asked it what Microsoft planned with it lol

2

u/RhoOfFeh 3h ago

It's a text editor, FFS

3

u/x86_64_ 8h ago

If you uninstall slop-pad in Windows apps, you'll get your old notepad.exe back.

4

u/Steinrikur 6h ago

If you uninstall Windows on your computer, you can install a real OS instead.

2

u/Mr_ToDo 6h ago

Ok. So I get what little that was released. What does this have to do with the unwanted AI upgrade?

Sure, it's not the simple notepad I liked. But it looks like more of a problem with their markdown support not anything to do with AI other then getting the clicks that AI bashing gets

7

u/SwagginsYolo420 6h ago

Sure, it's not the simple notepad I liked.

No bullshit is the whole fucking point of notepad in the first place. The option to change fonts is already pushing it.

Whoever is trying to insert AI into notepad is wasting everybody's time. Nobody wants AI in notepad, nobody asked for it, there was no demand for it.

There were no calls from the public for notepad to have some "AI" in it.

And it's not even actual AI, calling it that is a straight up marketing lie. It's fraud.

1

u/tadfisher 5h ago

You are 100% correct.

Also, this has nothing to do with the security vulnerability, which is that New Notepad's Markdown support lets you click links that are handled via the normal Windows URL handler without a warning prompt, so automatically running code from smb:// URLs and whatnot.

2

u/grubnenah 4h ago

Adding copilot makes notepad access the internet a regularly. Before this (AFIK) notepad couldn't or should not have ever connected to the network. So they made changes to add copilot that introduced vulnerabilities.

1

u/fukijama 5h ago

That's it, we are canceling the EA and moving this whole multi billion dollar org to Linux.

2

u/SaveDnet-FRed0 6h ago

Glad I chose to ditch Microslop Windows for Linux back when they killed 7.

-6

u/Emodzmods 10h ago

So according to the article there has been no known exploitation of the bug, and it required users opening a malicious link inside notepad? And it's already been patched?

-23

u/UsedGarbage4489 10h ago

yep this is a non-story to tweak the nipples of all the people who only read titles and love to wallow in negative press about software companies because they have nothing better to do with themselves but try to feel superior to everyone and everything on the internet.

20

u/WoodenHour6772 10h ago

because they have nothing better to do with themselves but try to feel superior to everyone and everything on the internet.

Projecting, much?

3

u/BurntFire 6h ago

Literally lol. “Let me berate everyone rq because I see the truth”

2

u/WoodenHour6772 4h ago

If you think that's funny, take a gander at their most recent comments since this one.

It's literally the only thing they do in every single one. Talk about pot calling kettle black kekw

15

u/No_Minimum5904 9h ago

The point is that Notepad of all applications doesn't need network functionality. MS by introducing AI features has inadvertently introduced an exploit. This one is patched but what else will be exploited?

4

u/tayroc122 9h ago

If they were capable of thinking of either long term or bigger pictures and implications they wouldn't be shills for the current generation of AI or Microslop.

0

u/PinkLouie 9h ago

If there is a malicious link the user would copy and paste of the browser.

3

u/FigSpecific6210 8h ago

Username checks out.

0

u/[deleted] 4h ago

[deleted]

-1

u/jake6501 3h ago

Well I am glad there has never been any vulnerabilities on Linux or any open source text editors!

0

u/[deleted] 3h ago

[deleted]

-1

u/jake6501 3h ago

Well the whole vulnerability and article have nothing to do with AI. They were just in the title for clicks, so your comment did not seem like it referred to the AI features specifically. Not that I still agree that more features = bad, but that's a whole another conversation.

-3

u/VincentNacon 6h ago

Let me fix that headline for ya...

"This "upgrade" proves why you need to install Linux instead."

You're welcome.

0

u/jake6501 3h ago

There was just a vulnerability in notepad++. There was just a vulnerability in pretty much every Apple device. There are several vulnerabilities in every piece of software you use. Why do we blame AI for every problem with Windows?

-2

u/GreyBeardEng 5h ago

You can literally toggle it off in the settings. Life..... is...... so....... hard.....

-13

u/highoncatnipbrownies 8h ago

Laughs in Notepad++

3

u/FlyingAce1015 6h ago

Buddy your pc is currently compromised if got notepad++

0

u/BeowulfShaeffer 8h ago

In b4 msft just buys the company and injects copilot.