Discussione: Occhio!!!
Visualizza messaggio singolo
Vecchio 09-03-2017, 00.35.53   #1
retalv
Forum supporter
WT Expert
 
L'avatar di retalv
 
Registrato: 13-03-2005
Loc.: Ultima stella a destra
Messaggi: 2.809
retalv è un gioiello raroretalv è un gioiello raroretalv è un gioiello raroretalv è un gioiello raro
Occhio!!!

08 Mar 2017 21:58:00

"Vault 7: CIA Hacking Tools Revealed" has been published by Wikileaks recentely, and Notepad++ is on the list.

The issue of a hijacked DLL concerns scilexer.dll (needed by Notepad++) on a compromised PC, which is replaced by a modified scilexer.dll built by the CIA. When Notepad++ is launched, the modified scilexer.dll is loaded instead of the original one.
It doesn't mean that CIA is interested in your coding skill or in your sex message content, but rather it prevents raising any red flags while the DLL does data collection in the background.

For remedying this issue, from this release (v7.3.3) forward, notepad++.exe checks the certificate validation in scilexer.dll before loading it. If the certificate is missing or invalid, then it just won't be loaded, and Notepad++ will fail to launch.

Checking the certificate of a DLL makes it harder to hack. Note that once users’ PCs are compromised, the hackers can do anything on the PCs. This solution only prevents from Notepad++ loading a CIA homemade DLL. It doesn't prevent your original notepad++.exe from being replaced by modified notepad++.exe while the CIA is controlling your PC.

Just like knowing the lock is useless for people who are willing to go into my house, I still shut the door and lock it every morning when I leave home. We are in a f**king corrupted world, unfortunately.

Otherwise there are a lot of enhancements and bug-fixes which improve your Notepad++ experience. For all the detail change log, please check in the Download page.

https://notepad-plus-plus.org/news/n...ing-issue.html
retalv non è collegato   Rispondi citando