Remember when Notepad was just… Notepad? A simple text editor nobody asked to be modernized?
Yeah, Microsoft didn’t care either. They bolted on Markdown support and AI features anyway. And now we’ve got CVE-2026-20841. Remote code execution. Via a text file. This is the kind of thing that makes you go “oh come on, really?”
Can anyone tell me if Win 10 LTSC IoT 21H2 is also affected? This is the only M$ OS I run on a few devices (I pretentiously use Linux BTW). If notepad.exe on LTSC is still being molested by updates, that’s beyond fucked.
I don’t think it does. The MSRC page linking to the notepad update release notes/download goto the windows store version of notepad, which lists a requirement of Windows 11 version 22000.0 or higher.
I haven’t gone more in depth than that though.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20841
Thanks for the info!