Microsoft has issued an urgent security update for Visual Studio Code, version 1.123.2, to address a critical vulnerability tracked as CVE-2026-47281. The flaw undermines the editor’s workspace trust feature, potentially allowing attackers to execute malicious code on a victim’s machine when they open an untrusted project. Users and organizations are advised to apply the patch immediately.

What CVE-2026-47281 Actually Does

CVE-2026-47281 strikes at the heart of a defense mechanism that millions of developers rely on daily. Workspace trust, introduced in VS Code 1.57 (May 2021), is designed to restrict dangerous capabilities—such as running tasks, launching debuggers, and loading certain extensions—when you open a folder or workspace from an unfamiliar source. The feature prompts you before granting full access, creating a safety barrier around your development environment.

This vulnerability shatters that barrier. According to the advisory, an attacker can craft a malicious workspace that, when opened, bypasses trust restrictions and executes arbitrary code on the target machine. The exact technical details remain under embargo, but the impact is clear: simply opening a compromised project folder—whether from a cloned repository, an email attachment, or a downloaded ZIP file—could hand control to an attacker. All versions of VS Code before 1.123.2 are affected, and Microsoft has assigned the flaw a high severity rating, underscoring the urgency.

Who’s at Risk

Every VS Code user who opens code from external sources is a potential target. For independent developers, the risk peaks when experimenting with open-source projects or code snippets shared online. A malicious actor could embed an exploit in a seemingly innocent project, lying in wait for unsuspecting users.

For enterprises, the danger is magnified. Developers frequently juggle internal projects and third-party libraries, any of which could be weaponized. The advisory explicitly warns: “Organizations should immediately inventory every machine-wide and per-user Visual Studio Code installation, upgrade all releases earlier than 1.123.2, and require unfamiliar folders and workspace file.” The mention of both installation types is critical—machine-wide installs sit in Program Files, while per-user ones hide in AppData, often overlooked by IT inventory tools. A single unpatched instance could become an entry point.

How We Got Here

Workspace trust was a welcome addition to VS Code’s security model. Before its debut, opening a folder in the editor could automatically trigger build tasks, install dependencies via extension scripts, and load plugin configurations—all without user consent. The feature added a crucial step: “Do you trust the authors of these files?” If you answered no, the editor ran in a restricted mode, disabling many potentially harmful features.

Yet trust boundaries are only as strong as their implementation. Since 1.57, Microsoft has patched several bypasses that undermined workspace trust. Each CVE highlighted a gap in the logic: an extension that could escape restrictions, a debug configuration that triggered code unexpectedly, a path traversal that tricked the trust check. CVE-2026-47281 appears to be the latest in this lineage, though its precise mechanism hasn’t been disclosed. What’s different now is the sweeping guidance—the advisory doesn’t mince words about updating immediately and inventorying all installations, suggesting the exploit is either easy to trigger or already circulating.

What to Do Right Now

The fix is straightforward, but verification is key. Here’s how to protect yourself and your organization.

For Individual Users

  1. Check your version: Open VS Code, go to Help > About. If the version is lower than 1.123.2, update now.
  2. Update in-app: Use Help > Check for Updates to download and install the latest release.
  3. Alternatively, download the installer directly from code.visualstudio.com.
  4. After updating, verify the version number again to ensure the patch took effect.

For IT Administrators

  1. Inventory all installations. Use a script like the following PowerShell snippet to scan both typical locations:
    powershell $paths = @("C:\Program Files", "$env:LOCALAPPDATA\Programs", "$env:APPDATA\Local\Programs") Get-ChildItem -Path $paths -Filter code.exe -Recurse -ErrorAction SilentlyContinue | ForEach-Object { $fv = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($_.FullName).FileVersion Write-Output "$($_.FullName) : $fv" }
    Target versions below 1.123.2 for remediation.
  2. Deploy the update via your endpoint manager (SCCM, Intune, or Group Policy). Microsoft provides MSI installers for enterprise distribution.
  3. Reinforce workspace trust settings. While the patch is the primary defense, you can tighten related policies by adding these to VS Code’s settings.json or pushing them via Group Policy:
    - "security.workspace.trust.enabled": true (ensure trust is active)
    - "security.workspace.trust.startupPrompt": "always" (force prompts; default is “once”)
    - Consider setting "extensions.supportUntrustedWorkspaces": false to disable extensions entirely in untrusted spaces if risk tolerance is low.
  4. Educate users. Remind developers to treat all untrusted projects as potentially hostile until scanned. Encourage them to update promptly and not ignore trust prompts.

Additional Hardening

Disable workspace trust entirely only as a last resort, as doing so reopens other vectors. The advisory urges ensuring that “unfamiliar folders and workspace file[s]” are scrutinized—this means relying on the updated trust mechanism, not bypassing it.

The Broader Outlook

VS Code’s dominance—over 70% of developers use it, according to Stack Overflow’s 2024 survey—makes it a prime target. The workspace trust feature was a smart defense-in-depth layer, but this latest bypass underscores a painful truth: no single security boundary is unbreakable. Microsoft will likely continue hardening the feature, perhaps with tighter sandboxing or process isolation, but the onus remains on users and admins to keep software current.

Watch for Microsoft’s detailed technical write-up once the embargo lifts. In the meantime, this CVE is a stark reminder that even trusted tools need constant vigilance. Update now, verify your versions, and stay alert—your next project folder may not be as innocent as it looks.