Notepad++ v8.9.3 Released Addressing cURL Security Vulnerability and Crash Issues
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
Notepad++<\/a> has officially released version 8.9.3, delivering critical security patches, structural performance enhancements, and resolutions for persistent crash issues.<\/p>\n This update finalizes the text editor\u2019s transition to a highly optimized XML parser, addressing multiple recent regressions while fortifying the application\u2019s auto-update mechanism against documented vulnerabilities.<\/p>\n The most notable security implementation in version 8.9.3 is the remediation of a vulnerability within the application\u2019s auto-updater framework.<\/p>\n The development team has updated the cURL component in WinGUp to version 8.19.0, mitigating a specific security issue, CVE-2025-14819<\/a>.<\/p>\n Additionally, this release resolves an unintended privilege escalation bug introduced in prior versions. Previously, installing or removing a plugin caused Notepad++ to inadvertently relaunch with permanent administrative privileges. This regression has been successfully patched, ensuring the application adheres to standard user privilege limits during routine plugin management.<\/p>\n To optimize the performance of reading and writing configuration files, Notepad++ has been steadily migrating from TinyXML to the newer Alongside the performance boost, developers have squashed several regressions stemming from this transition, including localized Workspace text errors and incorrect text displays for non-UTF8 documents.<\/p>\n The core components driving the text editor\u2019s interface have also received substantial upgrades, with Scintilla updating to version 5.6.0 and Lexilla advancing to version 5.4.7.<\/p>\n System stability remains a primary focus in this deployment. The engineering team has successfully isolated and fixed a long-standing defect where initiating a print job caused the entire application to crash.<\/p>\n Similar fatal errors involving User Defined Languages (UDL) have been corrected. Furthermore, a memory leak occurring upon application exit has been sealed, preventing resource degradation during prolonged development sessions.<\/p>\n System administrators managing enterprise deployments gain valuable new controls in this release. The introduction of the A secondary protective enhancement prevents XML configuration files from being inadvertently overwritten when updating portable packages via standard copy-and-paste methods.<\/p>\n Other notable fixes include<\/a> resolving an issue where \u201cFind in Files\u201d failed to search file content on disk, stopping Notepad++ from spawning redundant Windows Explorer processes in Task Manager, and adding native Autocompletion and Function List support for the D programming language.<\/p>\n Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n The post Notepad++ v8.9.3 Released Addressing cURL Security Vulnerability and Crash Issues<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nNotepad++ v8.9.3 Release<\/strong><\/h2>\n
\n\n
\n \nVulnerability \/ Issue<\/th>\n Component Affected<\/th>\n Resolution<\/th>\n<\/tr>\n<\/thead>\n \n CVE-2025-14819<\/strong><\/td>\n WinGUp Auto-Updater<\/td>\n Updated embedded cURL to v8.19.0<\/td>\n<\/tr>\n \n Admin Privilege Bug<\/strong><\/td>\n Plugin Manager<\/td>\n Prevented permanent admin rights upon N++ restart<\/td>\n<\/tr>\n \n MITM Update Failure<\/strong><\/td>\n Network \/ Updater<\/td>\n Fixed plugin and update downloads behind corporate proxies<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n Core Upgrades and Crash Issues<\/strong><\/h2>\n
pugixml<\/code> parser over recent updates. Version 8.9.3 marks the completion of this structural overhaul.<\/p>\ndisableNppAutoUpdate.xml<\/code> file allows IT teams to explicitly disable auto-updates even when the WinGUp executable is present.<\/p>\n