SecTeer VulnDetect does not use or depend on the Notepad++ auto-updater. All Notepad++ packages distributed through SecTeer are downloaded directly from the official vendor source and processed through SecTeer’s own validation pipeline.

This includes:

• Verification of the Authenticode signature where the vendor provides signed binaries
• Malware scanning using Microsoft Defender
• Additional reputation-based checks as a supplementary control

SecTeer packages are released independently of the vendor’s auto-update channel and are not delivered through the update mechanism involved in the reported incident. As a result, SecTeer did not distribute compromised code, and SecTeer’s distribution infrastructure was not impacted.

A system could only have received the compromised update if the built-in Notepad++ auto-update feature was enabled on the system

In short: SecTeer’s update mechanism was not involved in the incident, and no compromised Notepad++ packages were delivered through the SecTeer platform.