Notepad++ has started blocking unsigned updates after reports that its built-in updater delivered malicious executables to some systems.
Rogue updater behavior raises alarm
The issue surfaced when a community user saw GUP.exe, Notepad++’s updater, spawn an unexpected AutoUpdater.exe file in the Temp folder. Instead of fetching a routine patch, the program ran commands to list network connections, system details, running processes and the current user, then saved the results to a.txt.
The exe
