Am I the first person to pop a shell in notepad?
....believe it or not, It's a real bug!
pic.twitter.com/t2wTh7E93p
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
Oh I didn't dream to think you'd just launched cmd.exe from the picker, it's just in proc and there's lots of corruptable attack surface off the shell. Less from the main parsing path. Nonzero :)
Even bypassing CFG? oh man, is there a scripting env or something? Get this bug out now!
That's what I was thinking. Unlikely to be exploitable with just a straight forward buffer overflow. But you never know...
Implication being arbitrary code execution just by opening a malicious text file?
Are you sure? It is not even friday.
Holy shit.... 
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.