Notepad++ WinGUp signed update verification hardening (8.8.9)
Security Patch Release
Summary
Notepad++ v8.8.9 hardened the WinGUp update path so only installers signed with the developer's certificate can be installed, reducing the risk of malicious update files reaching users. The release follows reports that the updater could retrieve untrusted payloads instead of legitimate packages and that update traffic might have been hijacked. If signature or certificate verification fails, the update is aborted.
Related Happenings
Notepad++ version 8.9.2 double-lock update hardening
Security Patch Release
First: 17.02.2026 20:29
Last: 17.02.2026 20:29
Sources 1
About this happening:
**Notepad++ version 8.9.2** introduces a **double-lock** update mechanism that reduces **supply-chain compromise risk** in the auto-update path. The release verifies the **signed...
Notepad++ hit by network compromise
Incident
First: 03.02.2026 06:55
Last: 03.02.2026 06:55
Sources 1
About this happening:
The **Notepad++** hosting breach enabled attackers to hijack the software update path and selectively redirect some users to **malicious servers**, creating a **supply-chain** ris...
Latest development: 18.02.2026 09:40
Notepad++ released version 8.9.2 to harden the update mechanism after the hijacked update path was used to deliver targeted malware. The release adds a "double lock" design with verification of the signed installer downloaded from GitHub and verification of the signed XML returned by the update server at notepad-plus-plus[.]org, and it also introduces WinGUp hardening including removal of libcurl.dll, removal of CURLSSLOPT_ALLOW_BEAST and CURLSSLOPT_NO_REVOKE, and restriction of plugin management execution to programs signed with the same certificate as WinGUp.
Fortinet FortiOS follow-on patch release for authentication bypass
Security Patch Release
First: 21.01.2026 19:49
Last: 21.01.2026 19:49
Sources 1
About this happening:
**Fortinet** is preparing **FortiOS 7.4.11, 7.6.6, and 8.0.0** to fully close an **authentication bypass** flaw affecting **FortiOS/FortiGate** deployments. The follow-on release...
Timeline
09.12.2025 02:00 2 articles · 5mo ago
Notepad++ 8.8.9 requires signed installers
Mitigation Patch Update
Notepad++ version 8.8.9 hardened WinGUp to verify the signature and certificate of downloaded installers during the update process, aborting any update that is not signed with the developer's code-signing certificate.
Sources:
- Notepad++ fixes flaw that let attackers push malicious update files — www.bleepingcomputer.com — 11.12.2025 23:04
18.11.2025 02:00 1 articles · 6mo ago
Notepad++ 8.8.8 restricts updates to GitHub
Mitigation Patch Update
Notepad++ developer Don Ho released version 8.8.8 on November 18th so updates can be downloaded only from GitHub, reducing the chance that hijacked update traffic could redirect users to a malicious installer.
Sources:
- Notepad++ fixes flaw that let attackers push malicious update files — www.bleepingcomputer.com — 11.12.2025 23:04