LandzDown Forum

Security => Security Alerts & Briefings => Topic started by: hayc59 on March 08, 2017, 09:26:26 PM

Title: Notepad++ v 7.3.3 - Fix CIA Hacking Notepad++ Issue URGENT!!
Post by: hayc59 on March 08, 2017, 09:26:26 PM
Notepad++ v 7.3.3 - Fix CIA Hacking Notepad++ Issue
08 Mar 2017 21:58:00

"Vault 7: CIA Hacking Tools Revealed" has been published by Wikileaks recentely, and Notepad++ is on the list.

• The issue of a hijacked DLL concerns scilexer.dll (needed by Notepad++) on a compromised PC, which is replaced by a modified scilexer.dll built by the CIA. When Notepad++ is launched, the modified scilexer.dll is loaded instead of the original one.
It doesn't mean that CIA is interested in your coding skill or in your sex message content, but rather it prevents raising any red flags while the DLL does data collection in the background.
For remedying this issue, from this release (v7.3.3) forward, notepad++.exe checks the certificate validation in scilexer.dll before loading it. If the certificate is missing or invalid, then it just won't be loaded, and Notepad++ will fail to launch.

• Checking the certificate of a DLL makes it harder to hack. Note that once users’ PCs are compromised, the hackers can do anything on the PCs. This solution only prevents from Notepad++ loading a CIA homemade DLL. It doesn't prevent your original notepad++.exe from being replaced by modified notepad++.exe while the CIA is controlling your PC.
Just like knowing the lock is useless for people who are willing to go into my house, I still shut the door and lock it every morning when I leave home. We are in a f**king corrupted world, unfortunately.
Otherwise there are a lot of enhancements and bug-fixes which improve your Notepad++ experience. For all the detail change log, please check in the Download page.

More Info l Wikileaks Notepad++ is on the list. (https://wikileaks.org/ciav7p1/cms/page_26968090.html)
Download: Notepad++ (https://notepad-plus-plus.org/download/v7.3.3.html)




Download link modified by winchester73
Title: Re: Notepad++ v 7.3.3 - Fix CIA Hacking Notepad++ Issue URGENT!!
Post by: plodr on March 09, 2017, 01:05:28 PM
Also same info and download link from the Notepad++ site
https://notepad-plus-plus.org/news/notepad-7.3.3-fix-cia-hacking-issue.html
Title: Re: Notepad++ v 7.3.3 - Fix CIA Hacking Notepad++ Issue URGENT!!
Post by: hayc59 on March 09, 2017, 02:12:15 PM
Also same info and download link from the Notepad++ site
https://notepad-plus-plus.org/news/notepad-7.3.3-fix-cia-hacking-issue.html
plodr..thank you edit button went south before I could edit it :)
Title: Re: Notepad++ v 7.3.3 - Fix CIA Hacking Notepad++ Issue URGENT!!
Post by: winchester73 on March 09, 2017, 07:46:04 PM
plodr..thank you edit button went south before I could edit it :)

I previously edited your original post to reflect the direct download link:  https://notepad-plus-plus.org/download/v7.3.3.html

I noticed in other forums that folks were complaining about your link.  If you mouse over it, you'll see that it was corrected here.  ;)

A simple message to an admin can get posts edited and corrected if you are past the time limit for doing it yourself.  8)

As for the issue with Notepad++, this is only applicable on a compromised PC, per plodr's link.

Quote
The issue of a hijacked DLL concerns scilexer.dll (needed by Notepad++) on a compromised PC, which is replaced by a modified scilexer.dll built by the CIA. When Notepad++ is launched, the modified scilexer.dll is loaded instead of the original one.

Per ghacks:  https://www.ghacks.net/2017/03/09/notepad-7-3-3-update-fixes-cia-vulnerability/

Quote
The team notes that this won't do you any good if the entire PC is compromised as attackers may do anything they like in this case
Title: Re: Notepad++ v 7.3.3 - Fix CIA Hacking Notepad++ Issue URGENT!!
Post by: Corrine on March 09, 2017, 08:52:59 PM
edit button went south before I could edit it :)
Don't go there again, G.