Microsoft confirms 8.8-rated security issue in Windows 11 Notepad due to modernization efforts, Patch Tuesday fix rolling out

Microsoft has confirmed a critical Remote Code Execution vulnerability in the modern Notepad app on Windows 11, impacting its Markdown rendering and clickable links. The flaw, rated 8.8, could allow remote attackers to execute code on a PC if a user interacts with a specially crafted Markdown file. The issue arises from improper handling of special elements in commands, enabling the execution of remote content. Fortunately, Microsoft is rolling out a fix as part of the February 2026 Patch Tuesday update. While there have been no observed exploits, users are urged to remain cautious, as the vulnerability requires only user interaction to trigger.