Microsoft has issued Visual Studio Code 1.128.1 to address CVE-2026-57102, a high-severity security feature bypass affecting every VS Code release before that version. Developers and administrators should treat the update as an immediate priority: Microsoft’s CVSS 3.1 rating is 8.8 out of 10, and the affected range begins at version 1.0.0 rather than a recent release branch.
Microsoft published the advisory on July 14, 2026, alongside the VS Code 1.128 release cycle. The company’s release notes say 1.128.1 addresses the security issues, while the National Vulnerability Database identifies CVE-2026-57102 as a flaw in which functionality from an untrusted control sphere can enable an unauthorized attacker to bypass a security feature over a network.
That wording is broad, but the practical message is not: if a Windows PC runs VS Code 1.128.0 or older, it needs the patched build. This is an application update, not a Windows cumulative update, so a fully patched Windows 11 device can still remain exposed if VS Code itself is behind.
Microsoft classifies the vulnerability as a security feature bypass, but the assigned CVSS vector adds important context. The score indicates network reachability, low attack complexity, no required privileges, and required user interaction. It also assigns high potential impact to confidentiality, integrity, and availability.
In other words, this is not described as a drive-by compromise of every VS Code installation. An attacker must still induce a user to interact with malicious content or a malicious workflow. But developers routinely open repositories, folders, projects, pull-request checkouts, archives, and individual files received from other people. That is exactly the sort of workflow where a trust or execution boundary matters.
The technical record currently names two weakness categories: exposure of sensitive information to an unauthorized actor and inclusion of functionality from an untrusted control sphere. Microsoft has not published exploit code, root-cause details, or a precise description of the vulnerable feature. The National Vulnerability Database record is still awaiting enrichment, so it would be premature to claim that the issue specifically involves an extension, a workspace configuration, Copilot, Git integration, Remote Development, or a particular file type.
That restraint matters. VS Code is a large Electron-based application with local tooling, extension hosts, terminals, debuggers, source-control hooks, remote environments, and AI-assisted developer features. “Security feature bypass” describes the consequence, not necessarily the component that failed.
A bypass in or around that security model can turn a routine developer action—opening a cloned repository or inspecting a downloaded project—into a much more consequential event. The CVSS requirement for user interaction does not make the flaw trivial; it reflects the fact that developers must be persuaded to open or otherwise engage with attacker-controlled material.
The present advisory does not say that Workspace Trust itself is the affected feature. Administrators should avoid assuming that this is a Restricted Mode-only bug, or that keeping a workspace untrusted is an adequate substitute for installing 1.128.1. Microsoft’s documentation is explicit that Workspace Trust is a defensive layer, not a guarantee against malicious extensions or every possible execution path.
For organizations, that distinction should shape communications to engineering teams. Tell users to update first. Continue to advise them not to blindly trust unfamiliar repositories, to scrutinize extensions and workspace configuration, and to avoid disabling trust protections merely to make a project work.
VS Code’s July 8 release notes say the 1.128 release is rolling out gradually, but users can invoke Check for Updates inside the editor to request the newest build. On Windows, the Help menu’s About dialog provides a quick version check, while managed environments should rely on their existing inventory tooling rather than user confirmation alone.
A few deployment details deserve attention:
Update behavior is the first setting to audit. Where organizations intentionally defer application updates for compatibility testing, 1.128.1 should move through the expedited security-update process rather than wait for the normal monthly or quarterly developer-tool cadence. The compatibility risk may be real for specialized extensions, but the fix is a point update within the current 1.128 train—not a major product migration.
Extension governance is the second priority. Microsoft’s policy framework supports allowed-extension controls, and its Policy Diagnostics command can show whether VS Code recognizes the centrally applied settings. An extension allowlist will not remediate CVE-2026-57102, particularly because Microsoft has not identified the vulnerable component publicly, but it reduces the broader risk around a tool whose extension ecosystem can execute code on developers’ behalf.
Security teams should also resist the urge to disable Workspace Trust globally as a short-term workaround for developer friction. Doing so removes a meaningful protection against untrusted projects without addressing the underlying defect. Patch the editor; preserve the guardrails.
The advisory also has a high technical-impact assessment in the same CISA data. Combined with Microsoft’s 8.8 severity rating, the sensible conclusion is that this belongs in the accelerated patch queue for workstations used to handle proprietary source code, production credentials, cloud subscriptions, signing keys, package publishing tokens, or privileged infrastructure repositories.
The immediate next step is clear: inventory Visual Studio Code, update every installation below 1.128.1, and confirm that exceptions such as ZIP, portable, system-wide, and managed deployments were not missed. Microsoft may later publish a fuller technical explanation, but organizations do not need that explanation to act on the version boundary already established.
Microsoft published the advisory on July 14, 2026, alongside the VS Code 1.128 release cycle. The company’s release notes say 1.128.1 addresses the security issues, while the National Vulnerability Database identifies CVE-2026-57102 as a flaw in which functionality from an untrusted control sphere can enable an unauthorized attacker to bypass a security feature over a network.
That wording is broad, but the practical message is not: if a Windows PC runs VS Code 1.128.0 or older, it needs the patched build. This is an application update, not a Windows cumulative update, so a fully patched Windows 11 device can still remain exposed if VS Code itself is behind.
The Patch Protects a Boundary VS Code Depends On
Microsoft classifies the vulnerability as a security feature bypass, but the assigned CVSS vector adds important context. The score indicates network reachability, low attack complexity, no required privileges, and required user interaction. It also assigns high potential impact to confidentiality, integrity, and availability.In other words, this is not described as a drive-by compromise of every VS Code installation. An attacker must still induce a user to interact with malicious content or a malicious workflow. But developers routinely open repositories, folders, projects, pull-request checkouts, archives, and individual files received from other people. That is exactly the sort of workflow where a trust or execution boundary matters.
The technical record currently names two weakness categories: exposure of sensitive information to an unauthorized actor and inclusion of functionality from an untrusted control sphere. Microsoft has not published exploit code, root-cause details, or a precise description of the vulnerable feature. The National Vulnerability Database record is still awaiting enrichment, so it would be premature to claim that the issue specifically involves an extension, a workspace configuration, Copilot, Git integration, Remote Development, or a particular file type.
That restraint matters. VS Code is a large Electron-based application with local tooling, extension hosts, terminals, debuggers, source-control hooks, remote environments, and AI-assisted developer features. “Security feature bypass” describes the consequence, not necessarily the component that failed.
Workspace Trust Is the Most Obvious Operational Concern
Microsoft’s own VS Code documentation explains why this class of issue carries weight. The editor’s Workspace Trust feature opens unfamiliar folders in Restricted Mode, intended to reduce the risk of automatic code execution while a developer reviews untrusted project contents. Restricted Mode can limit or block extensions, tasks, debugging, terminal behavior, workspace settings, and AI agents.A bypass in or around that security model can turn a routine developer action—opening a cloned repository or inspecting a downloaded project—into a much more consequential event. The CVSS requirement for user interaction does not make the flaw trivial; it reflects the fact that developers must be persuaded to open or otherwise engage with attacker-controlled material.
The present advisory does not say that Workspace Trust itself is the affected feature. Administrators should avoid assuming that this is a Restricted Mode-only bug, or that keeping a workspace untrusted is an adequate substitute for installing 1.128.1. Microsoft’s documentation is explicit that Workspace Trust is a defensive layer, not a guarantee against malicious extensions or every possible execution path.
For organizations, that distinction should shape communications to engineering teams. Tell users to update first. Continue to advise them not to blindly trust unfamiliar repositories, to scrutinize extensions and workspace configuration, and to avoid disabling trust protections merely to make a project work.
Version 1.128.1 Is the Remediation Line
The affected-version data published through the NVD lists VS Code versions earlier than 1.128.1. The immediate validation target is therefore simple: endpoints should report version 1.128.1 or later.VS Code’s July 8 release notes say the 1.128 release is rolling out gradually, but users can invoke Check for Updates inside the editor to request the newest build. On Windows, the Help menu’s About dialog provides a quick version check, while managed environments should rely on their existing inventory tooling rather than user confirmation alone.
A few deployment details deserve attention:
- User-installer deployments normally support smoother background updates because they are installed per user under the local AppData path.
- System-installer deployments require elevation for in-product updates, so they can fall behind if standard users cannot complete the update.
- ZIP archive and portable deployments do not receive the same automatic update path and must be replaced manually.
- Users who run a user-level VS Code installation as Administrator may find updates disabled in that configuration.
Code.exe instances outside the usual installation path, including extracted archives and automation images.Enterprise IT Can Use Existing Controls to Close the Gap
For Windows fleets, this is a reasonable time to verify that VS Code is governed like a developer platform rather than treated as a lightweight text editor. Microsoft supports enterprise policies for VS Code on Windows through Registry-based Group Policy and can apply those policies through Active Directory or Microsoft Intune. The policies can enforce settings that override defaults, user configuration, and workspace configuration.Update behavior is the first setting to audit. Where organizations intentionally defer application updates for compatibility testing, 1.128.1 should move through the expedited security-update process rather than wait for the normal monthly or quarterly developer-tool cadence. The compatibility risk may be real for specialized extensions, but the fix is a point update within the current 1.128 train—not a major product migration.
Extension governance is the second priority. Microsoft’s policy framework supports allowed-extension controls, and its Policy Diagnostics command can show whether VS Code recognizes the centrally applied settings. An extension allowlist will not remediate CVE-2026-57102, particularly because Microsoft has not identified the vulnerable component publicly, but it reduces the broader risk around a tool whose extension ecosystem can execute code on developers’ behalf.
Security teams should also resist the urge to disable Workspace Trust globally as a short-term workaround for developer friction. Doing so removes a meaningful protection against untrusted projects without addressing the underlying defect. Patch the editor; preserve the guardrails.
No Active Exploitation Is Listed—Yet
CISA’s supplemental vulnerability prioritization data presently marks exploitation as “none” and automation as “no.” That is useful for triage, but it is not a reason to postpone the update. CVE publication and patch availability often create the conditions for researchers and attackers to compare fixed and vulnerable code, especially for a widely deployed open-source-adjacent developer product.The advisory also has a high technical-impact assessment in the same CISA data. Combined with Microsoft’s 8.8 severity rating, the sensible conclusion is that this belongs in the accelerated patch queue for workstations used to handle proprietary source code, production credentials, cloud subscriptions, signing keys, package publishing tokens, or privileged infrastructure repositories.
The immediate next step is clear: inventory Visual Studio Code, update every installation below 1.128.1, and confirm that exceptions such as ZIP, portable, system-wide, and managed deployments were not missed. Microsoft may later publish a fuller technical explanation, but organizations do not need that explanation to act on the version boundary already established.
References
- Primary source: MSRC
Published: 2026-07-14T07:00:00-07:00
Security Update Guide - Microsoft Security Response Center
msrc.microsoft.com
- Official source: github.com
Differences between the repository and Visual Studio Code · microsoft/vscode Wiki · GitHub
Visual Studio Code. Contribute to microsoft/vscode development by creating an account on GitHub.
github.com
- Related coverage: itpro.com
Millions of developers could be impacted by flaws in Visual Studio Code extensions – here's what you need to know, and how to protect yourself | IT Pro
Three newly discovered flaws in Visual Studio Code (VS Code) extensions enable local file exfiltration and remote code execution, researchers have warned.www.itpro.com - Related coverage: code.visualstudio.com
Extension runtime security
Learn about the security measures in place for Visual Studio Code extensions, including permissions, user reliability checks, and Marketplace protections.code.visualstudio.com