Microsoft Code 1.79 fixes security issue

Microsoft Code 1.79 fixes security issue

Hi All,

In Microsoft Code 1.79, there has been an update that fixes a security issue.

You can find the details here Closed Issue

A information disclosure vulnerability exists in VS Code 1.79.0 and earlier versions on Windows when file system operations are performed on malicious UNC paths. Examples include reading or resolving metadata of such paths. An authorised attacker must send the user a malicious file and convince the user to open it for the vulnerability to occur. Exploiting this vulnerability could allow the disclosure of NTLM hashes.

See more at the Version Updates May 2023 (version 1.79)

Andres Bohren

vscode Logo