The article explores the discovery of the ms-notepad:// protocol handler in recent Windows 11 builds. This handler allows users to launch Notepad via URI links and supports specific command line switches, which could potentially be used for unexpected file access or behavior through path traversal techniques.
Research into this protocol revealed that it can accept relative paths, although browser-based execution via links in Microsoft Edge may result in encoded characters that hinder direct traversal. Furthermore, a hidden /TESTING: argument was identified that processes Base64-encoded strings to open specific file paths, highlighting the continued expansion of URI-based protocols in modern Windows environments.
Top comments (0)