Comment by Someone1234
16 days ago
I'm out of the loop: How did they bypass Notepad++'s digital signatures? I just downloaded it to double-check, and the installer is signed with a valid code-signing certificate.
16 days ago
I'm out of the loop: How did they bypass Notepad++'s digital signatures? I just downloaded it to double-check, and the installer is signed with a valid code-signing certificate.
https://notepad-plus-plus.org/news/8.8.2-available-in-1-week...
Jeez, they didn't waste any time, did they? No more signing certificate in June, compromise in July
> we’re hopeful we can find a solution ASAP!
Never meet your heroes.
The updater doesn't check the certificate of the updated installer, it just executes whatever.