SecTeer VulnDetect & PatchPro Support Forum VulnDetect
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Download VulnDetect Installer
    • Register
    • Login

    Notepad++ supply-chain incident - SecTeer impact assessment

    Scheduled Pinned Locked Moved General Discussion
    1 Posts 1 Posters 446 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      Tom VulnDetect Team Member
      last edited by Tom

      The reported Notepad++ supply-chain incident, as described in public reporting, was limited to the application’s built-in auto-update mechanism.

      SecTeer VulnDetect does not use or depend on the Notepad++ auto-updater. All Notepad++ packages distributed through SecTeer are downloaded directly from the official vendor source and processed through SecTeer’s own validation pipeline.

      This includes:

      • Verification of the Authenticode signature where the vendor provides signed binaries
      • Malware scanning using Microsoft Defender
      • Additional reputation-based checks as a supplementary control

      SecTeer packages are released independently of the vendor’s auto-update channel and are not delivered through the update mechanism involved in the reported incident. As a result, SecTeer did not distribute compromised code, and SecTeer’s distribution infrastructure was not impacted.

      A system could only have received the compromised update if the built-in Notepad++ auto-update feature was enabled on the system

      In short: SecTeer’s update mechanism was not involved in the incident, and no compromised Notepad++ packages were delivered through the SecTeer platform.

      /Tom
      Download the latest SecTeer VulnDetect agent here:
      https://vulndetect.com/dl/secteerSetup.exe

      1 Reply Last reply Reply Quote 0
      • T Tom pinned this topic on
      • T Tom locked this topic on
      • System unpinned this topic

      Hello! It looks like you're interested in this conversation, but you don't have an account yet.

      Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

      With your input, this post could be even better 💗

      Register Login
      • First post
        Last post
      Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

      Please see our Privacy and Data Processing Policy
      Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
      Forum software by NodeBB