2 matches found
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
Microsoft has announced that Visual Studio Code VS Code will apply a two-hour delay before extensions for the integrated development environment IDE are updated automatically to a newer version in an attempt to tackle software supply chain threats. "When automatic updates are enabled, new version...
PT-2023-2422 · Microsoft · Visual Studio
Name of the Vulnerable Software and Affected Versions: Microsoft Visual Studio affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can allow an attacker to conduct spoofing attacks. It has been reported that...