The recently compromised update mechanism for the popular open source text editor Notepad++ has been hardened so it’s now ‘effectively unexploitable’, says the application’s author.
Don Ho made the claim this week after the release of version 8.9.2 of Notepad++, which adds a double-lock verification intended to ensure that any download of the tool from this point on is genuine. The latest version verifies the signed XML returned by the update server, in addition to the first step of the hardening in version 8.8.9, released in December, which verifies the authenticity of the signed installer downloaded from GitHub.
The application auto-updater has also been reinforced.
These actions aren’t foolproof, Ho admits in his blog, because it’s possible to exclude the auto-updater during the UI installation, or to deploy the installer with a command that specifies the updater not be used.
In an email today to CSOonline, Ho said that no system can ever be declared absolutely unbreakable, “but the new design dramatically raises the bar.”
An attacker must now compromise both the hosting infrastructure and the signing keys, he explained, adding that the updater now validates both the manifest and the installer, each with independent cryptographic signatures. And any mismatch, missing signature, or certificate anomaly causes the update to abort automatically.
“This layered verification makes the update chain resilient even in the face of future infrastructure‑level compromises,” he concluded.
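The layered check Ho describes (a signed manifest plus an independently signed installer, with the update aborting on any missing signature or mismatch), as an added example that is not Notepad++’s own code: it assumes Ed25519 keys, a constructed manifest schema and a constructed installer payload, so a hosting compromise alone, or either signing key alone, cannot produce a release the updater accepts.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/xml"
	"errors"
	"fmt"
)

// Manifest mirrors the signed XML an update server returns (constructed, hypothetical schema).
type Manifest struct {
	Version string `xml:"version"`
	SHA256  string `xml:"installer_sha256"` // hex digest that pins the installer bytes
}

// Release is what the updater fetches: manifest, installer, and a detached signature for each.
type Release struct {
	ManifestXML, ManifestSig, Installer, InstallerSig []byte
}

// VerifyRelease is the double-lock: two independent keys, and the installer must match the pinned hash.
func VerifyRelease(manifestKey, installerKey ed25519.PublicKey, r Release) (string, error) {
	if !ed25519.Verify(manifestKey, r.ManifestXML, r.ManifestSig) { // also false for a missing/short sig
		return "", errors.New("manifest signature missing or invalid: abort")
	}
	var m Manifest
	if err := xml.Unmarshal(r.ManifestXML, &m); err != nil {
		return "", fmt.Errorf("manifest unparsable: %w", err)
	}
	if !ed25519.Verify(installerKey, r.Installer, r.InstallerSig) {
		return "", errors.New("installer signature missing or invalid: abort")
	}
	if sum := sha256.Sum256(r.Installer); fmt.Sprintf("%x", sum) != m.SHA256 {
		return "", errors.New("installer does not match manifest hash: abort")
	}
	return m.Version, nil // only now may the updater run the installer
}

// BuildRelease is the publisher side: sign a constructed release with two separate private keys.
func BuildRelease(mPriv, iPriv ed25519.PrivateKey, version string, installer []byte) Release {
	x := []byte(fmt.Sprintf("<update><version>%s</version><installer_sha256>%x</installer_sha256></update>", version, sha256.Sum256(installer)))
	return Release{x, ed25519.Sign(mPriv, x), installer, ed25519.Sign(iPriv, installer)}
}

func main() { // stand-alone demo with freshly generated keys
	mPub, mPriv, _ := ed25519.GenerateKey(nil)
	iPub, iPriv, _ := ed25519.GenerateKey(nil)
	fmt.Println(VerifyRelease(mPub, iPub, BuildRelease(mPriv, iPriv, "8.9.2", []byte("constructed installer bytes"))))
}
```

In a real updater the two public keys are compiled into the client and the private keys are kept off the hosting infrastructure, which is what makes the server compromise described in this article insufficient on its own.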
Another supply chain attack
One reason the compromise went undetected for so long is that only a small number of downloaders — far less than 0.1% — were specifically targeted by the attackers, Ho said, and the attackers were very cautious. “Their goal was long‑term espionage,” he noted, “so they acted quietly and deliberately to remain undetected for as long as possible.”
Compromising the update mechanism of an application is a classic way for a threat actor to infiltrate dozens, hundreds, or thousands of organizations that then unwittingly use the hacked version of the software. One of the most notorious examples was the 2019/2020 compromise of the update infrastructure of SolarWinds’ Orion network monitoring suite. Another was the 2017 NotPetya attack that spread around the world after a Ukrainian tax application was hacked.
The Notepad++ problem began with the discovery that the IT infrastructure hosting Notepad++ had been compromised in June 2025, and a custom backdoor had been installed in the application. In the highly-targeted attack, traffic from certain users was selectively redirected to attacker-controlled servers by the malicious updates. Researchers at Rapid7 believe a China-based group dubbed Lotus Blossom was behind the attack.
The now former hosting provider believes the shared hosting server was compromised from June to September of 2025. However, even after losing server access, the attackers maintained credentials to internal services until December 2, 2025, allowing the continued redirection of Notepad++ update traffic. With the release of Notepad++ version 8.8.9, and the security hardening, all attacker access was terminated. Version 8.9.1 had even more security enhancements, and this week’s version 8.9.2 instituted the double-lock process.
Lessons learned
“Developers must plan for adversaries who are patient, sophisticated, and selective,” Ho said. Infrastructure is part of your attack surface, he pointed out; even if your code is secure, a weak link in hosting, DNS, or a content delivery network (CDN) can undermine everything. “Continuous monitoring and strict credential hygiene are essential,” he said, and application developers must assume that partial compromise is possible and design applications and their delivery and update mechanisms for failure.
And if there is a compromise, he added, rapid disclosure, detailed technical explanations, and prompt fixes help users understand the scope and maintain confidence in the project.
Jeff Pollard, who leads Forrester Research’s work on the role of the CSO, said the fixes “significantly reduce” the risk of this specific failure mode recurring. But, he added, no single change ‘solves’ all supply chain risks. Attackers can shift to other choke points such as build pipelines or signing keys, he pointed out. “The key takeaway is that Notepad++ closed the exploited gap and raised the attacker cost,” he said.
Small utilities like Notepad++ usually sit outside of procurement, inventory, and third party risk management controls, he said, which is why they are ubiquitous among technical users, and valuable targets for adversaries.
“Asset management and software inventory is a perpetual problem for enterprises, but this event demonstrates why it’s so important to understand all the software in your environment, no matter how big or small it is,” he said.
Douglas McKee, Rapid7’s senior director of vulnerability intelligence, said the Notepad++ supply chain incident underscores a broader evolution in how threat actors think about software trust and persistence. While updates to the Notepad++ distribution mechanism and the release of version 8.9.2 with enhanced double-lock update security help close the specific vulnerability exploited in this campaign, they do not on their own solve the systemic problem of modern supply chain risk.
“What this incident makes clear, and what organizations must internalize, is that supply chain security cannot be limited to source code and build systems,” he said. “Attackers targeted hosting infrastructure and update delivery flows outside of the project’s direct control. Only by reinforcing signature and certificate validation, and treating update infrastructure as part of the attack surface, can defenders meaningfully reduce exposure.”