Hello, welcome to the Wednesday, June 5th, 2019 edition of the Sands and its Storms on a storm

star, Stormcast. My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

Travis Ormandy of Google's Saturday project has reported vulnerability in Notepad of all applications.

Apparently some memory corruption error that could be used to actually execute arbitrary code.

Well, it's of course always curious to see a bug like this in an application like Notepad.

It's not yet clear how exploitable this is, no details

at this point. Tavis only tweeted that he reported this vulnerability to Microsoft. Of course,

it's always curious to have a vulnerability in software like Notepad.

What we have to see is how exploitable all of this will be likely it requires that the

victim will open a document in Notepad.

But remember how sometimes people like to actually use Notepad to open suspicious documents

because Notepad sort of has this reputation of being a simple

safe application to do this.

And not to be left alone here to match the notepad vulnerability, we also have details regarding

vulnerability in WIM and NeoWIM.

Now this vulnerability has been patched already was originally reported to the maintainers on May 22nd and

patched release came out on May 23rd for WIM and 29th for NeoWim. This feature is related to MOTLines.

Now, Mone Lines is a tricky feature in WIM. Essentially, what you can do with them is add special

lines to a text file that alter how WIM works. It's often used, for example, in code files in order to, for example,

set certain tap stops and alike, but can also, like in this case, use to execute arbitrary

commands. While this particular vulnerability has been patched now, the finder of the vulnerability

does recommend that you disable mode lines in WIM which can easily be done via the WIM configuration

...