SecTeer VulnDetect & PatchPro Support Forum VulnDetect
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Download VulnDetect Installer
    • Login

    Notepad++ supply-chain incident - SecTeer impact assessment

    Scheduled Pinned until 03/03/2026, 09:18 Locked Moved General Discussion
    1 Posts 1 Posters 36 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      Tom VulnDetect Team Member
      last edited by

      The reported Notepad++ supply-chain incident, as described in public reporting, was limited to the application’s built-in auto-update mechanism.

      SecTeer VulnDetect does not use or depend on the Notepad++ auto-updater. All Notepad++ packages distributed through SecTeer are downloaded directly from the official vendor source and processed through SecTeer’s own validation pipeline.

      This includes:

      • Verification of the Authenticode signature where the vendor provides signed binaries
      • Malware scanning using Microsoft Defender
      • Additional reputation-based checks as a supplementary control

      SecTeer packages are released independently of the vendor’s auto-update channel and are not delivered through the update mechanism involved in the reported incident. As a result, SecTeer did not distribute compromised code, and SecTeer’s distribution infrastructure was not impacted.

      A system could only have received the compromised update if both of the following were true:

      • Notepad++ was not updated via SecTeer, and
      • The built-in Notepad++ auto-update feature was enabled on the system

      In short: SecTeer’s update mechanism was not involved in the incident, and no compromised Notepad++ packages were delivered through the SecTeer platform.

      /Tom
      Download the latest SecTeer VulnDetect agent here:
      https://vulndetect.com/dl/secteerSetup.exe

      1 Reply Last reply Reply Quote 0
      • T Tom pinned this topic
      • T Tom locked this topic
      • First post
        Last post
      Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

      Please see our Privacy and Data Processing Policy
      Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
      Forum software by NodeBB