Notepad++ wants your help in "parasite website" shutdown
Karlston posted a news in Security & Privacy News
The Notepad++ project is seeking the public's help in taking down a copycat website that closely impersonates Notepad++ but is not affiliated with the project.

Although, at the time of writing, the lookalike website takes visitors to the official Notepad++ downloads page, there is some concern that it could pose security threats, for example, if it starts pushing malicious releases or spam someday, either deliberately or as a result of a hijack.

"Help us to take down the parasite website"

Notepad++, the free and open-source text and source code editor project, has appealed to everyone to help shut down a lookalike website, notepad[.]plus, that uses the project's branding and even manages to rank high in search engine results alongside the official website, notepad-plus-plus.org.

"I’ve received numerous complaints via email, social media, and forums regarding a website that poses a significant threat to our community," writes Don Ho, the original developer of Notepad++.

The site in question, notepad[.]plus, according to Ho, comes up prominently in search results when users look up "download Notepad++", as confirmed by BleepingComputer:

[Image: The lookalike website appears prominently in search results (BleepingComputer)]

"Some users have mistakenly believed that [it] is the official Notepad++ website. This confusion has led to frustration and potential security risks," states the dev.

The website in question does contain a clear disclaimer at the bottom spelling out that it's "an unofficial fan website" and "not affiliated" with the project.

Notepad++ is a trademark of Don HO. Notepad[.]plus is not affiliated, sponsored or endorsed by Don HO in any ways. This is an unofficial fan website created for general information/educational purpose only. Any context found in this website is our personal opinions and do not purport to reflect the opinions or views of Don HO or its representatives. All other trademarks are the property of their respective owners.

Fan site presently redirects to official releases

It is worth noting the fan site directs visitors to the official Notepad++ releases downloads page hosted on notepad-plus-plus.org.

Despite this, Ho alleges that "this site harbors a hidden agenda" and is "riddled with malicious advertisements on every page." Such ads, according to Ho, could deceive unsuspecting Notepad++ users into clicking on links that generate revenue for admins of the unofficial website.

[Image: Unofficial Notepad++ fan site (BleepingComputer)]

"The true purpose" of what Ho has called a "parasite website" is, according to him, "to divert traffic away from the legitimate Notepad++ website, notepad-plus-plus.org," which potentially "compromises user safety and undermines the integrity of our community."

BleepingComputer checked both the latest version of the notepad[.]plus website and archived copies from the past. While the site's home page does contain an area at the top that appears to be purposed for hosting ad banners, we did not find an active ad running in that space or any other promotional links on the website. We did notice multiple educational and how-to blog posts on using Notepad++.

The developer urges everyone to report the website via Google Safebrowsing's "report malicious software" web form. Such an approach, however, may not be fruitful given that presently no malicious software releases are being pushed by the unofficial site, or anything that warrants it to be classified as blatantly unsafe. Moreover, the aforementioned disclaimer put in place by the website may safeguard it against such accusations. The Notepad++ logo and branding used by the website, on the other hand, could still fall afoul of trademark rules.

Technology reporter Catalin Cimpanu shared Notepad++'s blog post in a Mastodon thread. Many community members began reporting the unofficial website, although one developer echoed that reporting the site for shipping malicious software may be "erroneous."

[Image: A developer disagrees that lookalike site poses risks (Mastodon)]

"I genuinely don't understand this. This post is full of very charged language... But I went to the site and I really don’t see anything wrong with it," writes Robby Zambito.

"The download buttons even redirect to this Notepad++ site; they're not distributing any software themselves. They say this site is "a threat to the community"… but it is the community. It sounds more like a threat to their control over maintenance of the software which just doesn't seem like a big deal to me."

"Sure, they might gain trust and then eventually start shipping malware instead. But so could the people who run the notepad-plus-plus site," states Zambito.

The observation is especially relevant at a time when a large-scale open-source project, the XZ utility, had a backdoor injected into it by a developer who gained the trust of official project maintainers but went rogue. Similar stories of "vetted" researchers contributing malicious code to official projects aren't unheard of. Such cases of wrongdoing are eventually caught, thanks to the numerous sharp-eyed community members who constantly scrutinize the open source ecosystem.

Given the popularity of Notepad++, its users are also frequently targeted with counterfeit trojanized versions by threat actors. As such, consuming open source projects like Notepad++ from their official websites and repositories remains a much safer approach than otherwise.
20 years of Notepad++. Version 8.6 launches with Multi-Edit feature
Karlston posted a news in Software News
Notepad++ is an open source plain text editor for Windows that offers better functionality than the built-in Notepad tool of the operating system. Notepad++ is celebrating its 20th anniversary today. The developer released Notepad++ 8.6 to celebrate the anniversary.

The announcement of the new release reveals information about the past 20 years of the project. It is an interesting read. Even Notepad++, which many consider the best plain text editor for Windows, had to gain popularity in the beginning. The developer admits that he had to sign up for various forums to promote the new text editor. This changed soon thereafter as the popularity of the text editor increased.

Fun fact: our first mention of Notepad++ here on this site was in 2006, just months after the official launch of the site.

Notepad++ continues to be an excellent plain text editor for Windows. It will be interesting to see where it stands in 20 years from today.

Now You: do you use Notepad++ or another plain text editor on Windows?
Notepad++ 8.5.7 released with fixes for four security vulnerabilities
Karlston posted a news in Security & Privacy News
Notepad++ version 8.5.7 has been released with fixes for multiple buffer overflow zero-days, with one marked as potentially leading to code execution by tricking users into opening specially crafted files.

Notepad++ is a popular free source code editor that supports many programming languages, can be extended via plugins, and offers productivity-enhancing features such as multi-tabbed editing and syntax highlighting.

GitHub's security researcher Jaroslav Lobačevski reported the vulnerabilities in Notepad++ version 8.5.2 to the developers over the last couple of months.

Proof of concept exploits have also been published for these flaws in the researcher's public advisory, making it essential for users to update the program as soon as possible.

Security flaws in Notepad++

The discovered vulnerabilities involve heap buffer write and read overflows in various functions and libraries used by Notepad++.

Here's a summary of the four flaws discovered by GitHub's researcher:

- CVE-2023-40031: Buffer overflow in the Utf8_16_Read::convert function due to incorrect assumptions about UTF16 to UTF8 encoding conversions.
- CVE-2023-40036: Global buffer read overflow in CharDistributionAnalysis::HandleOneChar caused by an array index order based on the buffer size, exacerbated by using the uchardet library.
- CVE-2023-40164: Global buffer read overflow in nsCodingStateMachine::NextState. This is linked to a specific version of the uchardet library used by Notepad++, vulnerable due to its dependency on the size of the charLenTable buffer.
- CVE-2023-40166: Heap buffer read overflow occurs in FileManager::detectLanguageFromTextBegining due to failing to check buffer lengths during file language detection.

The most severe of these flaws is CVE-2023-40031, assigned a CVSS v3 rating of 7.8 (high), potentially leading to arbitrary code execution.

However, a user disputes that it would be possible to perform code execution using this flaw due to the type of error it is.

"While it is technically a "buffer overflow" is really only an off-by-two bug with practically zero chance to allow for arbitrary code execution," reads a comment to a GitHub issue opened about the flaws.

The other three issues are medium-severity (5.5) problems that Lobačevski says might be leveraged to leak internal memory allocation information.

Fix coming

Despite Lobačevski's blog and proof of concept exploits being published on August 21, 2023, the Notepad++ development team did not rush to respond to the situation until the user community pressed for its resolution.

Eventually, on August 30, 2023, a public issue was created to acknowledge the problem, and fixes for the four flaws made it into the main code branch on September 3, 2023.

Notepad++ 8.5.7 has now been released and should be installed to fix the four vulnerabilities and other bugs listed in the changelog.
Malicious Notepad++ Google ads evade detection for months
Karlston posted a news in Security & Privacy News
A new Google Search malvertising campaign targets users looking to download the popular Notepad++ text editor, employing advanced techniques to evade detection and analysis.

Threat actors have been increasingly abusing Google Ads in malvertising campaigns to promote fake software websites that distribute malware.

According to Malwarebytes, which spotted the Notepad++ malvertising campaign, it has been live for several months but managed to fly under the radar all this time.

The final payload delivered to victims is unknown, but Malwarebytes says it's most likely Cobalt Strike, which usually precedes highly damaging ransomware deployments.

Abusing Google ads

The Notepad++ malvertising campaign promotes URLs that are obviously unrelated to the software project yet use misleading titles displayed in Google Search result advertisements.

[Image: Malicious promoted search results for Notepad++ (Source: Malwarebytes)]

This SEO strategy is heavily abused in this case, and since titles are far larger and more visible than URLs, many people are likely to fall for the trap.

Once victims click on any of the ads, a redirection step checks their IP to filter out users likely to be crawlers, VPNs, bots, etc., leading them to a decoy site that does not drop anything malicious.

[Image: Site where non-qualifying clicks land (Source: Malwarebytes)]

In contrast, legitimate targets are redirected to "notepadxtreme[.]com" which mimics the real Notepad++ site, featuring download links for various versions of the text editor.

[Image: The malicious website that drops the payload (Source: Malwarebytes)]

When visitors click on those links, a second system fingerprint check is performed by a JavaScript snippet to validate that there are no anomalies or indications that the visitor is using a sandbox.

Victims who are marked as suitable targets are then served an HTA script, which is assigned a unique ID, likely to enable the attackers to track their infections. That payload is served only once per victim, so a second visit results in a 404 error.

Malwarebytes' examination of the HTA didn't produce any useful information due to it not being weaponized at the time, but the analysts found the same file in a VirusTotal upload from July.

[Image: The payload having no detections on VT (Source: Malwarebytes)]

That file attempted to connect to a remote domain on a custom port, with the researchers believing it was likely part of a Cobalt Strike deployment.

[Image: The observed attack chain (Source: Malwarebytes)]

To avoid downloading malware when looking for specific software tools, skip promoted results on Google Search and double-check that you have landed on the official domain.

If unsure about the project's real website, check its "About" page, documentation, Wikipedia page, and official social media channels.
Notepad++ just got Windows 11 right-click context menu option, and a whole bunch of bugfixes
Karlston posted a news in Software News
Although Microsoft has its own Notepad for Windows, which, although buggy, has been receiving interesting features lately, like the Tabbed option, there are many out there who prefer Notepad++, which is a very popular application.

However, the app did not really have the option to be executed via the right-click context menu on Windows 11, up until the latest version, which is v8.5. The developer of the tool has announced that Notepad++ now has "Edit with Notepad++" on Windows 11 as well, which was what made it quite handy on Windows 10.

The dev says:

In v8.5 release, new explorer context menu entry “Edit with Notepad++” is added for WINDOWS 11 (via installer). Also a regression of notepad replacement problem has been fixed, and there are more bug fixes and new added enhancements.

There are several other fixes as well. The full changelog is given below:

Change log:

- Fix notepad replacement opening file name containing white space regression. (Fix #13032)
- Fix regression about visual glitch of Find in Files progress window & Document Switcher. (Fix #13185, #13053)
- Update to Scintilla 5.3.3 and Lexilla 5.2.2. (Implement #13082)
- Add new explorer context menu entry “Edit with Notepad++” for WINDOWS 11. (Fix #10320, #10565, #4368, #8786, #10640, #10856, #10653, #7747, #6169, #92)
- Add show non-printable characters command. (Fix #827, #4731, #8284)
- Apply tab colours to document list items, and add groups to document list. (Fix #12155, #12689, #13026)
- Add middle mouse click ability to close doc in Document List. (Fix #12949)
- Add Begin/End Select in Column Mode command. (Fix #12833, #12832)
- Add option to make auto-completion list brief. (Fix #12783)
- Remove duplicate items in function/word list of Auto-completion. (Fix #13061)
- Fix missing items in word autocomplete. (Fix #13060)
- Fix autocomplete to sort case insensitive issue. (Fix #12495)
- Change behaviour: make Select and Find (Next/Previous) always in normal search mode. (Fix #3229)
- Change behaviour: make volatile Find uses least-strict option settings. (Fix #13145)
- Change behaviour: Don’t populate in Find what if a stream selection more than 1024 characters. (Fix #12603)
- Fix wrong value set in Preferences->Performance->“Define Large File Size”. (Fix #13280)
- Fix untitled document number jumping or repeated problem. (Fix #8677, #11704, #13194)
- Fix dock-able panels not restoring for mono instances when Notepad++ is in the tray. (Fix #9454)
- Fix panels not restored from systemtray with “Edit with Notepad++” in admin mode. (Fix #13041)
- Fix hit text in search results not being scrolled in the view issue. (Fix #13129)
- Add new notification NPPN_EXTERNALLEXERBUFFER for lexer plugin with buffer ID when a new lexer is applied to the buffer in question. (Fix #12351)
- Fix Synch H/V Scrolling commands not sync with 2 views. (Fix #5250, #13071)
- Add several GUI enhancement. (Fix #11695, #13176, #13187, #13162)
- Make several GUI items translatable. (Fix #13175, #8020, #8858, #13088, #8927, #10876, #9343, #8004)

You can download Notepad++ v8.5 either from GitHub or from the official website.

Source: Notepad++ just got Windows 11 right-click context menu option, and a whole bunch of bugfixes
Notepad++ 8.3.2 improves very large file handling and performance
Karlston posted a news in Software News
Notepad++ is a popular open source alternative and replacement to Notepad, the default Windows plain text editor. The default text editor Notepad has not received many updates over the years, but Microsoft revealed recently that it plans to push updated versions with an improved feature set via its Microsoft Store.

Notepad++ has been the go-to application for many Windows users when it comes to plain text editing. Features that make it a better solution for many are its support for larger files and plugins, programming language support, advanced find and replace functionality and a lot more. The text editor opens plain text files quickly and is offered as a portable version or an installer.

The last major release version of Notepad++, version 8.2, was released on January 1, 2022. It fixed a memory leak and introduced new features, including the much requested folder exclusion option for its find in files functionality.

Notepad++ 8.3.2 is a bug fix release for the most part, but it does include some improvements as well. The first improves the performance of the program when exiting under specific configurations. Users who noticed delays when closing Notepad++ while large files were open in the editor may benefit from this. For those interested, the two settings that affected the performance were the unchecked "Remember current session for next launch" and the checked "Default (mono-instance)" settings.

Notepad++ users who open large files using the application may benefit from improved support for large files. Files of 2 gigabytes or larger benefit from the improvement. You can read up on it here if you are interested in the specifics of the patch.

Here is the full list of changes:

- Fix incorrect message while double clicking on search result regression. (Fix #11215, #11106)
- Fix regression: file can’t be saved if it’s set to other charset before. (Fix #11238)
- Fix UDL comment config input fields broken regression. (Fix #11239)
- Fix UDL dialog crash issue on over 30 created UDL. (Fix #11257)
- Add sorting document tab order commands by name, path, type and size under “Window” Menu. (Fix #10393)
- Add API NPPM_GETCURRENTLINESTR and variable $(CURRENT_LINESTR) for RunDlg. (Fix #11216)
- Support better 2GB+ file (cmdline & session file adaptation). (Fix #11213)
- Fix auto-completion sort order problem due to fx icon. (Fix #11233)
- Refine auto-saving session on exit behaviour. (Fix #11249)
- Enhance performance on exit with certain settings. (Fix #11219)
- Fix auto-complete case insensitive not working issue. (Fix #11187)
- Fix saving problem (regression) with “Sysnative” alias in x86 binary. (Fix #11196)

Notepad++ 8.3.2 is available for download at the official project website. There you also find listed the changes in the release and links to the issues pages on GitHub.

Now You: which text editor do you prefer, and why?

Source: Notepad++ 8.3.2 improves very large file handling and performance
Notepad++ 8.2 has been released. The new version of the open source text editor is already available on the developer's website and source repositories.

The text editor is available for all supported operating systems. On Windows, it is available as a portable version and a setup version. Installed copies of Notepad++ will receive update notifications in the coming weeks; users who want to update early need to do so manually.

The official release announcement has been posted to the official website. The developer has added two features that users requested for some time. The first enables users to exclude folders from the program's find in files feature. Find in files searches for the text string that you enter in files, an in-content search feature that can be really helpful, e.g., to replace strings with others in all files that have that string.

The exclude option can speed things up considerably for users, as it skips excluded folders, which speeds up the processing and may also reduce the number of returned items.

Select Search > Find in Files to use the functionality in Notepad++. Use the filters field to exclude folders: *.* !/source !/bin searches all folders with the exception of the source and bin folders.

The second feature introduces auto saving for the loaded session on exit; this works while the "open session in a new instance" is set. Select Settings > Preferences > Multi-Instance Settings & Date to check the state of the setting. The default needs to be switched for the feature to work.

Notepad++ 8.2 includes a number of fixes besides that. One addresses a memory leak issue when toggling lite and dark modes of the application.

Here is the list of features and bug fixes of the new version:

1. Add exclude folder(s) capacity in Find in Files (mouse hover on "Filters" label for getting the example on tool-tip).
2. Fix UTF-8 detected wrongly as TIS-620 encoding issue.
3. Add auto save loaded session on exit feature (while "Open session in a new instance" is set in Multi-instance settings).
4. A comprehensive fix for dockable panels losing background color when switching back Notepad++.
5. Fix memory leak while toggling between Dark/Lite Mode.
6. Fix caret left-right inverse moving in RTL mode issue.
7. Fix Document List icons unchanged issue after switching to dark mode or changing to alternative icons.
8. Fix incorrect folding behaviour in C, C++, Java, JavaScript, TypeScript and Objective-C.
9. Update boost regexp from v1.76 to v1.78
10. "Rename tab" name field enlargement (from 20 to 63 char!).
11. Apply "crontab" file to the syntax highlighting of bash.

Now You: which text editor do you use? (via Deskmodder)

Source: Notepad++ 8.2: improved features and a memory leak fix