TheRegister's platform is a leading technology news website, offering insights into IT industry news, hardware reviews, and software updates. Through articles, analysis, and opinion pieces, TheRegister offers insights into cybersecurity threats, technology trends, and industry developments. Readers can stay updated with the latest news and analysis from the world of technology and IT business.

The Register

Microsoft patched CVE-2026-20841, a remote code execution vulnerability in Notepad's Markdown feature that scores 8.8 severity. The flaw requires social engineering—tricking users into opening a malicious Markdown file and clicking an embedded link—which then executes unverified protocols with user permissions. No wild exploitation has been detected. The vulnerability emerged months after Microsoft added Markdown support in May 2025, a controversial move that critics argued betrayed Notepad's lightweight ethos. The feature ships enabled by default but can be disabled in settings.

Notepad's new Markdown powers served with a side of RCE