I think that N++ is a one-programmer project.

Don Ho seems like a really cool guy.

I hope he is able to get the patch Incorporated, because it sounds like the security team provided one.

Thanks Don, for your work; and thanks Jaroslav, for the security discovery.

A specially crafted malicious file when opened by Notepad++ may be able to execute arbitrary code on the victim's computer, without any further interaction, aside from opening the malicious file.