https://notepad-plus-plus.org/news/notepad-7.3.3-fix-cia-hacking-issue.html
Watu ya akanyal clit…
“Vault 7: CIA Hacking Tools Revealed”
has been published by Wikileaks
recentely, and Notepad++ is on the
list.
The issue of a hijacked DLL concerns
scilexer.dll (needed by Notepad++) on
a compromised PC, which is replaced
by a modified scilexer.dll built by the
CIA. When Notepad++ is launched,
the modified scilexer.dll is loaded
instead of the original one.
It doesn’t mean that CIA is interested
in your coding skill or in your sex
message content typed in Notepad++,
but rather it prevents raising any red
flags while the DLL does data
collection in the background.
It’s not a vulnerability/security issue in
Notepad++, but for remedying this
issue, from this release (v7.3.3)
forward, notepad++.exe checks the
certificate validation in scilexer.dll
before loading it. If the certificate is
missing or invalid, then it just won’t
be loaded, and Notepad++ will fail to
launch.
Checking the certificate of DLL makes
it harder to hack. Note that once
users’ PCs are compromised, the
hackers can do anything on the PCs.
This solution only prevents from
Notepad++ loading a CIA homemade
DLL. It doesn’t prevent your original
notepad++.exe from being replaced
by modified notepad++.exe while the
CIA is controlling your PC.
Just like knowing the lock is useless
for people who are willing to go into
my house, I still shut the door and
lock it every morning when I leave
home. We are in a f**king corrupted
world, unfortunately.
Otherwise there are a lot of
enhancements and bug-fixes which
improve your Notepad++ experience.
For all the detail change log, please
check in the Download page.