VSCode not well protected

27 views
Skip to first unread message

Kurt Buff

unread,
Jun 10, 2024, 1:52:47 PMJun 10
to ntsys...@googlegroups.com
EDR "lenient" on add-ins:
https://www.bleepingcomputer.com/news/security/malicious-vscode-extensions-with-millions-of-installs-discovered/

I don't use VSCode, but that's just me being unfamiliar with it. I've
installed it on a couple of machines, but for my purposes notepad++
has so far sufficed.

Kurt

Philip Elder

unread,
Jun 10, 2024, 3:26:09 PMJun 10
to ntsys...@googlegroups.com

I use it almost exclusively for all things command line and PowerShell and more:

https://www.mpecsinc.com/powershell-paradise-installing-and-configuring-visual-studio-code-vs-code-and-git/

 

it's been a blessing me to code things up consistently without dyslexifying it really bad which is what I was doing prior.

 

Colour coding really helps.

 

 

Philip Elder MCTS

Senior Technical Architect

Microsoft High Availability MVP

E-mail: Phili...@mpecsinc.ca

Phone: +1 (780) 458-2028

Web: www.mpecsinc.com

Blog: blog.mpecsinc.com

Twitter: Twitter.com/MPECSInc

Skype: MPECSInc.

 

Please note: Although we may sometimes respond to email, text and phone calls instantly at all hours of the day, our regular business hours are 8:00 AM - 5:00 PM, Monday thru Friday.

--

You received this message because you are subscribed to the Google Groups "ntsysadmin" group.

To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce5d5tC9DEQFCaZEudLLLhuwdFzJax%2Bwek-CyyKSjJiogg%40mail.gmail.com.

Jamie McNamara

unread,
Jun 10, 2024, 3:50:04 PMJun 10
to ntsys...@googlegroups.com
The problem is VScode (which many depts from devs to bi) use is its designed rapid deployment and use. Its strengths and weaknesses are the same issue with the XZ exploit: it assumes that all devs contributing to it or its use are noble and altruistic. Unsigned unverified GitHubs of useful tools against which IT has not confirmed.

Jamie McNamara

Cloud Engineer | Gemini 

250 Technology way

Rocklin, CA 95765

626.224.4719  Direct

877.739.7481  Company Directory

Website | LinkedIn | Facebook| YouTube | Instagram| Twitter


--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce5d5tC9DEQFCaZEudLLLhuwdFzJax%2Bwek-CyyKSjJiogg%40mail.gmail.com.

IMPORTANT WARNING: 

The information contained in this transmission is confidential and is intended only for the person or entity to which it is addressed. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this information is strictly prohibited.


This document may contain protected health information. If you are not the recipient, pursuant to HIPAA, please notify our office at 877-739-7481 Opt. 2 and destroy the document(s) immediately.


Recipient acknowledges and agrees that Gemini Duplication, Inc. is not engaged in the practice of law or the provision of legal services, and that recipient alone is completely and independently responsible for its own legal rights and obligations.

Reply all
Reply to author
Forward
0 new messages