Notepad++ Update Fixes 'CIA Hacking' Issue

Free software Notepad++ (released under the GNU General Public License) received a new update this week which was announced under the headline "Fix CIA Hacking Notepad++ Issue". The CIA documents in WikiLeaks' 'Vault 7' included a "Notepad++ DLL Hijack" document which affected the popular Windows editor for text and source code. "It's not a vulnerability/security issue in Notepad++, but for remedying this issue, from this release (v7.3.3) forward, notepad++.exe checks the certificate validation in scilexer.dll before loading it," reads the announcement. From the Notepad++ web site: If the certificate is missing or invalid, then it just won't be loaded, and Notepad++ will fail to launch. Checking the certificate of DLL makes it harder to hack.

Note that once users' PCs are compromised, the hackers can do anything on the PCs. This solution only prevents from Notepad++ loading a CIA homemade DLL. It doesn't prevent your original notepad++.exe from being replaced by modified notepad++.exe while the CIA is controlling your PC.
The update also includes "a lot of enhancements and bug-fixes," and if no critical issues are found, "Auto-updater will be triggered in few days."

Re:Vault 7

[GuB-42]

What Notepad++ did is just a patch to prevent a specific exploit from being used, the underlying "vulnerability" is still there. This may be effective against inexperienced script kiddies but It won't stop the CIA or any self respecting cracker.
DLL hijacking is actually a feature rather than a bug on general purpose OSes like Windows and Linux. It is very useful for development. Eliminating these kinds of vulnerabilities at a fundamental level means locking down the system, which can be done (ex : Microsoft AppLocker) but it is typically not what power users (the kind that use Notepad++) want.