They finally did it. Microsoft has successfully over-engineered a text editor into a threat vector.
This CVE is an 8.8 severity RCE in Notepad of all things.
Apparently, the “innovation” of adding markdown support came with the ability of launching unverified protocols that load and execute remote files.
We have reached a point where the simple act of opening a .md file in a native utility can compromise your system.
Hmm. This is what mine looks like.
That looks like a nightmare.
Windows 11 ltsc is interesting in that its like a time capsule. More like Windows 7 than 10. Has no Microsoft store, no onedrive, no game bar. And has old Microsoft paint, calculator, and notepad from Windows 10 with no tabs.
There’s not really anything to uninstall. And it just gets security updates. Its a bare bones OS that feels closer to Linux because of that without the crap that even Windows 10 had showing tiktok and meta in the start menu to remove.
Ah. Yes, it appears I’ve been using the ESU option. That was the simplest thing to do.
I use the registration utility from massgrave, added 3 years to my registration.
https://massgrave.dev/windows10_eol
But right there on that page, they cover Windows 10 IoT Enterprise LTSC 2021.
It sounds like that’s what I need. Stripped down Win10. I like that idea.
Thanks, friend.
I have a laptop still running Win10. I’ll look into this. Thx.