Things started to go downhill when it stopped being a .exe in System32 and started being distributed through the MS Store. They've escalated from spell check and tabs to full rich text formatting (remember WordPad?) and Copilot. But this vulnerability stems from links in Markdown documents, so I guess they're well on their way to embedding most of a web browser as they rediscover all the security implications.