mikeizbicki / cmc-csci040

Computing for the Web

RCE in VSCode #307

Open mikeizbicki opened 1 year ago

mikeizbicki commented 1 year ago

RCE = "Remote Code Execution" software vulnerability. This is the worst type of vulnerability software can have, because it means that someone can take over your computer and run arbitrary commands from the other side of the internet. All you have to do is "view" the file in VSCode (you don't even have to run it!) for someone to take over your computer.

Update your VSCode now!

Details of the exploit on GitHub: https://github.com/google/security-research/security/advisories/GHSA-pw56-c55x-cm9m

What hackers are saying: https://news.ycombinator.com/item?id=33890098

Extra Credit:

Anyone who reproduces the steps in the "details of the exploit" GitHub report and demos these steps to me will earn +2 EC in the class.