clicking links should not be a security issue and yes the CVE is totally deserve... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		xxs 9 days ago \| parent \| context \| favorite \| on: Windows Notepad App Remote Code Execution Vulnerab... clicking links should not be a security issue and yes the CVE is totally deserved: that's remote code execution.

		help

NetMageSCW 8 days ago [–]

How is the code execution remote?

xxs 8 days ago | [–]

It's remote from the attacker point of view. It allows to remote execute the code the attacker provided.

It'd be the same to upload a file to a web server that gets to be run by the said web server, except this time it's done with "notepad.exe"

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact