Security Update for Microsoft Visual Studio Code (February 2019)
High Nessus Plugin ID 122255
SynopsisThe remote host has an application installed that is missing a security update.
DescriptionThe version of Microsoft Visual Studio Code installed on the remote Windows host is prior to 1.31.1. It is, therefore, affected by a remote code execution vulnerability that exists due to how environment variables are processed. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
SolutionUpgrade to Microsoft Visual Studio Code 1.31.1 or later.