Do Notepad popups represent a security risk or are they simply another way for spammers & marketers to annoy us? Because of a design flaw in Internet Explorer, Notepad popup windows can be displayed from an HTML email message or Web page regardless of browser security settings. In addition, Notepad popups can access files on a hard disk, possibilly causing stability problems in a Windows system.

A Notepad popup is a text window which is displayed by a HTML email message or Web page using the Windows Notepad utility. Click here for a sample popup. (If you are using Internet Explorer for your browser, the demo should have already popped up.)

Would you like to know more? Thanks PivX. There's a follow-up post to this issue over at BUGTRAQ, which states that this is not limited to just Notepad executing, for now the only fix is to change to another browser.