Microsoft Just Patched a Major Security Vulnerability for This Popular Windows App

Users could be tricked into running arbitrary code, but the issue was patched last week.
The Hacker News

Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware

Notepad++ 8.9.2 fixes update hijack exploited to deliver malware, patches RCE flaw, and hardens WinGUp security.