I have checked out the https://github.com/donho/xmlSigner project and it is what I needed. I have used that project to correctly pass the XML signing test. I have opened some issues with that project. Here is a quick summary of how the update process works. The wingup code first queries a website to determine if an update is required and the returned XML provides information to be used later. None of the information in the XML is used if it doesn’t pass the XML security check. After passing the security check the code looks for the update status and download location, assuming an update is required. After prompting the user to download the update and finishing the download, it checks the code signing of the installer. Assuming that the code signing is valid and the correct certificate, it starts the install. I will try to document all the customizations to the code from Notepad++, wingup and xmlSigner to make it work in my project so that future users have a place to start, but that will be after I am sure its all working correctly with the new security updates. Thank you @xomx for pointing me in the right direction.

@xomx Thank you for pinging! https://github.com/notepad-plus-plus/notepad-plus-plus/commit/2c1abe0784543e78dbba0f259b0948cf3a08b8cb

@Coises Thank you, Coises, for your helpful reply. I truly appreciate your support and guidance. Regards, Harmandeep Singh Kandhari

@donho , Thanks for the verifcation, and sorry for the late reponse, I came down really sick that night for about a 5 day period after posting this, and am just getting back into the swing of things. Just wanted to make sure we didn’t need to be redundant about that process. Thanks again for the clarification.

@Ilhan-Yumer , The developer does not read most posts in this Forum. If you would like to suggest such a move to the developer, I would recommend creating a new Issue at GitHub requesting it (https://github.com/notepad-plus-plus/notepad-plus-plus/issues).

BTW: 5.1-if your home internet speed is fast enough, setup your own web server to your pc under virtualbox(in case of web server software cve’s/rce’s). I or anyone can help with that. Dont forget to hardening server for security. IMO, this is BAD advice. To suggest to a non-security specialist who runs this as a hobby, that he should self-host, and try to keep up on all the security hardening, is asking him to get hacked even worse than the hack that already happened. He was literally paying a host to provide such services, and the professionals failed; he has now changed providers to a host who has better security procedures. Believe me it’s not that hard to setup a webserver or harden it, especially while backed by a strong community. The risks are different when hosting at home between hosting remotely. The hosting firm may be offered money to hijack, or an out-of-date hosting management software had rce was waiting to be abused.

@Tavi , As far as I can tell, they were unrelated. Scanners such as VirusTotal look at the executable itself, and last year were being triggered by the lack of signing and the self-signing of the executable. please confirm if this issue is related to the notepad++ hijack news dated 2nd Feb 2026? The issue you are referring to, as linked here and described in detail here specifically said, the compromise occured at the hosting provider level rather than through vulnerabilities in Notepad++ code itself. This was a website hack, and VirusTotal and other such AV scans do not detect website hacks, as far as I understand them. See the FAQ, which has the best “table of contents” for the website hack. ALL related followups/discussions must go in Topic: autoupdater and connection to temp.sh.

@xomx said in Help needed - Forensic extractor result analyzing: @donho What is that for (is it for specific HW, OS or network analysis)? Ubuntu on a VPS Fullname of the forensic SW “Forensic Extractor” ballpoint.fr It’s rather to analyze the results to make sure if anything is OK. Note the VPS is only for the wingup.org, whereas notepad-plus-plus.org is on a sharing hosting service. Thank you for the ref I will check this company.

UPDATE: With the release of v8.8.7, Notepad++ is once again signed by a GlobalSign-issued certificate, as well as the Notepad++ self-signed certificate. The above instructions are still appropriate for confirming the self-signed certificate, but with the GlobalSign-issued certificate, the procedure is not as critical.

UPDATE: With the release of v8.8.7, Notepad++ is once again signed by a GlobalSign-issued certificate, as well as the Notepad++ self-signed certificate.

UPDATE: With the release of v8.8.7, Notepad++ is once again signed by a GlobalSign-issued certificate, as well as the Notepad++ self-signed certificate.

https://notepad-plus-plus.org/news/v886-released/

@Pulp-Sendo Already fixed for the upcoming N++ v8.8.6.

@xomx Thanks for your input, the analysis does seem to be a bit on the… overly cautious or paranoid side. maybe it’s time to find a new resource for risk analysis!

@podlipom51-podlipom51 said in File empty after opening it as Adminitrator: I was unable to save file. Suggested to open as Administrator after accepting my file is empty. It is very important file for me what to do? Where were you trying to save the file? To somewhere in c:\program files\ or c:\windows or similarly protected area? Or were you trying to save to a normal writeable directory on your machine’s local drive? Or a mounted network drive? Because it only suggests Administrator if it gets a “permission denied” error when you try to write the file. after accepting my file is empty. It is very important file for me what to do? Bummer. Unfortunately, if you already restarted Notepad++, and it didn’t have the Settings > Preferences > Backup set to take “session snapshots and periodic backups”, your unsaved changes were never written to disk anywhere. As soon as Notepad++ exited, those bits were removed from active memory, and were lost. Since the files were likely never written to disk, I doubt that an external file-recovery utility like Recuva would work for you, but you might try directing such at the `c:\users<username>\AppData\Roaming\Notepad++\backup See our FAQ on backups for more details about how the Notepad++ backup settings work, how the AutoSave plugin can help improve things, and best-practice suggestions for avoiding data loss in the future. Also, I think one of the frequent contributors is actively working on a solution to have Notepad++ be able to get UAC permission for a file-save without needing to restart the application – such a feature would definitely help in your case. Unfortunately, I’ve spent the last few minutes trying to find the Issue or PR where that was being discussed, and haven’t found it yet.