VS Code - Remote Code Execution Vulnerability
A remote code execution vulnerability exists in VS Code Copilot Chat 0.32.0 and earlier versions where a prompt-injected agent mode chat could make edits to sensitive files such as .vscode/settings.json, bypassing the normal sensitivity check.
Patches
The fix is available starting with VS Code Copilot Chat 0.32.1. The fix (microsoft/vscode-copilot-chat@efdc31e) mitigates this attack by normalizing the casing of the paths the tool receives before the sensitivity check is applied.
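The following is an added illustration of the defect class this advisory describes, not code from the extension or from the referenced commit. It contrasts a naive, case-sensitive suffix match against a check that canonicalizes the target path (resolving `..`, unifying separators, folding case) relative to the workspace root before comparing it to a sensitive-file list. The list, the workspace root `/ws` and the function names are constructed for the example.

```typescript
import * as path from "path";

// Constructed, hypothetical list of workspace-relative paths an agent must not
// edit without explicit user confirmation. Not the extension's own list.
const SENSITIVE_FILES: readonly string[] = [
  ".vscode/settings.json",
  ".vscode/tasks.json",
  ".vscode/launch.json",
];

// Naive check: exact, case-sensitive suffix match on the raw target string.
// On a case-insensitive file system ".VSCODE/Settings.json" names the same
// file as ".vscode/settings.json" yet does not match here.
function isSensitiveNaive(target: string): boolean {
  return SENSITIVE_FILES.some((f) => target.endsWith(f));
}

// Canonical workspace-relative form of a target path: backslashes become
// forward slashes, ".." segments are resolved against the workspace root,
// and the result is lower-cased. Returns null when the target escapes the
// workspace. Assumes a POSIX-style absolute workspace root (e.g. "/ws").
function canonicalRelative(workspaceRoot: string, target: string): string | null {
  const toPosix = (p: string): string => p.replace(/\\/g, "/");
  const root = path.posix.resolve(toPosix(workspaceRoot));
  const abs = path.posix.resolve(root, toPosix(target));
  const rel = path.posix.relative(root, abs);
  if (rel === "" || rel === ".." || rel.startsWith("../")) {
    return null; // outside the workspace (or the root itself)
  }
  return rel.toLowerCase();
}

// Hardened check: compare canonical forms, and fail closed (treat as
// sensitive) when the target cannot be placed inside the workspace.
function isSensitiveNormalized(workspaceRoot: string, target: string): boolean {
  const rel = canonicalRelative(workspaceRoot, target);
  if (rel === null) return true;
  return SENSITIVE_FILES.some((f) => rel === f.toLowerCase());
}

// Constructed sample targets an agent might be asked to edit.
const samples = [
  ".vscode/settings.json",
  ".VSCODE/Settings.json",
  "src/../.vscode/tasks.json",
  ".vscode\\launch.json",
  "src/index.ts",
];
for (const s of samples) {
  console.log(
    `${s.padEnd(28)} naive=${isSensitiveNaive(s)} normalized=${isSensitiveNormalized("/ws", s)}`
  );
}
```

The point of the normalized variant is that the comparison happens on a single canonical spelling, so every alias of the same file on a case-insensitive or separator-tolerant file system maps to the same entry in the list; the naive variant only ever recognizes the one spelling it was written with.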
Workarounds
Avoid including untrusted input or context in your agent loop.
References