Microsoft rolled out a hotfix for Visual Studio Code 1.67. The 1.67.1 update fixes a remote execution vulnerability.
Details on the vulnerability are scarce. The threat was labelled as CVE-2022-30129 and allowed hackers to exploit Visual Studio Code 1.67 for remote code execution. There’s no evidence of the vulnerability being exploited by cybercriminals. The threat was resolved with Visual Studio Code 1.67.1, which is available on GitHub.
Visual Studio Code 1.67
1.67 has become an enormous project. Some of the minor changes make a huge impact, which is the case with bracket pair colourization. This feature was initially an extension, becoming a part of Visual Studio Code 1.67 and greatly improving performance.
Additionally, the release brings significant improvements through Markdown editing. Authors can easily create and design links to files by dragging and dropping from web browsers. Another new feature finds all references applicable for links, headers, URLs, and files. This feature allows users to rename link destinations such as headers, files, and references links while automatically updating and editing any linked files. It has become much easier to edit large documents without breaking links.
Profiles, Java and Python
One of the more strategic improvements is the ability to import and export setting profiles. Profiles include installed extensions and UI customizations. While this feature doesn’t include every setting, it’s extensive enough to provide students and colleagues with a pre-configured setup.
Furthermore, Java developers can greatly benefit from this version through a debugger feature that accedes value recovery. The team also updated Python support with the Black Python code formatter, which the authors refer to as “uncompromising” because “you agree to cede control over the minutia of hand-formatting.”