Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    US charges alleged operators of Russian bulletproof hosting service

    July 15, 2026

    Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days

    July 14, 2026

    Microsoft releases Windows 10 KB5099539 extended security update

    July 14, 2026
    Facebook X (Twitter) Instagram
    • Demos
    • Technology
    • Gaming
    • Buy Now
    Facebook X (Twitter) Instagram Pinterest Vimeo
    Canadian Cyber WatchCanadian Cyber Watch
    • Home
    • News
    • Alerts
    • Tips
    • Tools
    • Industry
    • Incidents
    • Events
    • Education
    Subscribe
    Canadian Cyber WatchCanadian Cyber Watch
    Home»Alerts»Microsoft Foundry Toolkit for VS Code: Command Injection via Python Interpreter Path Leading to Arbitrary Code Execution – Research Advisory
    Alerts

    Microsoft Foundry Toolkit for VS Code: Command Injection via Python Interpreter Path Leading to Arbitrary Code Execution – Research Advisory

    adminBy adminMay 14, 2026No Comments2 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    Share
    Facebook Twitter LinkedIn Pinterest Email


    February 25, 2026: Tenable submits disclosure via MSRC portal.

    March 12, 2026: Microsoft responds that they have confirmed the behavior.

    March 13, 2026: Microsoft replies that they are working on the fix.

    March 26, 2026: Microsoft replies that the issue has been fixed.

    April 2, 2026: Tenable asks what version the issue was fixed in and if MS plans on issuing a CVE.

    April 7, 2026: Microsoft confirms that the issue was fixed in version 0.32.0. Microsoft states that due to auto-update capability, no CVE will be issued.

    April 10, 2026: Tenable replies that auto update may not be mandatory and that we think a CVE should be assigned.

    April 10, 2026: Microsoft replies that they will review.

    April 16, 2026: Microsoft replies that they will get back to us next week about CVE assignment and requests copy of draft advisory.

    April 17, 2026: Tenable shares draft advisory with Microsoft.

    April 21, 2026: Tenable asks for an update.

    April 21, 2026: Microsoft replies that they should get back in a few days.

    April 23, 2026: Microsoft advises that the CVE consideration is under active review.

    April 27, 2026: Tenable asks for an update on the CVE question.

    April 27, 2026: Microsoft replies that the case does not qualify for a CVE because few users triggered the affected feature, VS Code extensions are auto updated, and that a CVE is not required when there is no required customer action.



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleHackers exploit auth bypass flaw in Burst Statistics WordPress plugin
    Next Article Debian Node.js Critical Denial of Service Vulnerabilities DSA-6272-1
    admin
    • Website

    Related Posts

    Alerts

    CISA Adds One Known Exploited Vulnerability to Catalog

    June 12, 2026
    Alerts

    FreePBX security advisory (AV26–596) – Canadian Centre for Cyber Security

    June 12, 2026
    Alerts

    SSA-879734 V1.0: Multiple Vulnerabilities in SCALANCE XM-400/XR-500 before V6.6.1

    June 12, 2026
    Add A Comment

    Comments are closed.

    Demo
    Top Posts

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202634 Views

    IP Address Investigations and Local OSINT

    March 20, 202634 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    Latest Reviews
    85
    Featured

    Pico 4 Review: Should You Actually Buy One Instead Of Quest 2?

    January 15, 2021 Featured
    8.1
    Uncategorized

    A Review of the Venus Optics Argus 18mm f/0.95 MFT APO Lens

    January 15, 2021 Uncategorized
    8.9
    Editor's Picks

    DJI Avata Review: Immersive FPV Flying For Drone Enthusiasts

    January 15, 2021 Editor's Picks

    Subscribe to Updates

    Get the latest tech news from FooBar about tech, design and biz.

    Demo
    Most Popular

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202634 Views

    IP Address Investigations and Local OSINT

    March 20, 202634 Views
    Our Picks

    US charges alleged operators of Russian bulletproof hosting service

    July 15, 2026

    Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days

    July 14, 2026

    Microsoft releases Windows 10 KB5099539 extended security update

    July 14, 2026

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Facebook X (Twitter) Instagram Pinterest
    • Home
    • Technology
    • Gaming
    • Phones
    • Buy Now
    © 2026 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.