I noticed I had version 8.9 on Dec 28, 2025 and it seems clean according to

https://arstechnica.com/security/2026/02/notepad-updater-was...

I recommend removing notepad++ and installing via winget which installs the EXE directly without the winGUP updater service.

Here's an AI summary explaining who is affected.

Affected Versions: All versions of Notepad++ released prior to version 8.8.9 are considered potentially affected if an update was initiated during the compromise window.

Compromise Window: Between June 2025 and December 2, 2025.

Specific Risk: Users running older versions that utilized the WinGUp update tool were vulnerable to being redirected to malicious servers. These servers delivered trojanized installers containing a custom backdoor dubbed Chrysalis.