Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. […]
from https://www.bleepingcomputer.com/news/security/telegram-fixes-windows-app-zero-day-caused-by-file-extension-typo/