SecurityWeek: Google Researcher Finds Code Execution Vulnerability in Notepad

SecurityWeek: Google Researcher Finds Code Execution Vulnerability in Notepad. “Google Project Zero researcher Tavis Ormandy revealed on Tuesday that he identified a code execution vulnerability in Microsoft’s Notepad text editor. Ormandy says he has reported his findings to Microsoft and the company has been given 90 days – per Project Zero’s vulnerability disclosure policy – to release a patch. Details of the security hole will be made public after 90 days or possibly sooner if Microsoft rolls out a fix.”