Top issues
Detected Windows executable files packed with runtime packers that reduce or nullify the effects of vulnerability mitigation protections.
Causes risk: mitigation incompatible packers
hardening
Problem
Windows executable files can be converted to self-extracting applications that rebuild their own code during execution. Algorithms that process the executable format, and act as the operating system loader, are typically written in low-level assembly code. As re-implementations of core system functionality, they are often an imperfect simulation of complex application loading procedures. Most runtime packers are incompatible with the baseline vulnerability mitigation options that operating systems provide. As a result, various security features are commonly disabled without notice during this type of software packing. Packed applications typically continue to run without visible software defects, and they can even pass rigorous quality assurance testing. However, such tests rarely evaluate vulnerability mitigation effectiveness.
Prevalence in Visual Studio Code community
No prevalence information at this time
Next steps
When this issue is reported, it is common to find additional compatibility issues that the runtime packing has introduced. You should deprecate the use of runtime packers or enforce digital rights management via less intrusive ways that still preserve compatibility with vulnerability mitigation options.
Detected Windows executable files with the entry point residing in a writable section making it possible to change code while executing.
Causes risk: unsafe code linking practices
hardening
Problem
Windows executable files are mapped in memory as a sequence of allocated pages. The pages are grouped into sections with defined access rights. The main executable code section is referenced by the entry point address. When the entry point section requests both write and execute access rights, it is allowed to modify its own code at runtime. Vulnerability mitigations are implemented with the assumption that the executable code sections are read-only, or immutable. Using unsafe executable section access rights may lead to exposing critical security data to overwrites, tampering, and complete bypasses of vulnerability mitigations. This issue is typically reported when a software publisher uses a low-quality executable packing solution.
Prevalence in Visual Studio Code community
No prevalence information at this time
Next steps
You should deprecate the use of runtime packers, or enforce digital rights management via less intrusive ways that preserve compatibility with vulnerability mitigation options.
Detected presence of patch mandated vulnerabilities.
Causes risk: patch mandated vulnerabilities
vulnerabilities
Problem
Software composition analysis has identified a component with one or more known vulnerabilities. Available threat intelligence telemetry has confirmed that the reported vulnerabilities are actively being exploited by malicious actors. A regulatory body or government agency has issued a patching mandate for all software components affected by the identified vulnerabilities.
Prevalence in Visual Studio Code community
No prevalence information at this time
Next steps
We strongly advise updating the component to the latest version.
If the update can't resolve the issue, create a plan to isolate or replace the affected component.
Detected presence of severe vulnerabilities with active exploitation.
Causes risk: actively exploited vulnerabilities
vulnerabilities
Problem
Software composition analysis has identified a component with one or more known severe vulnerabilities. Available threat intelligence telemetry has confirmed that the reported high or critical severity vulnerabilities are actively being exploited by malicious actors.
Prevalence in Visual Studio Code community
No prevalence information at this time
Next steps
We strongly advise updating the component to the latest version.
If the update can't resolve the issue, create a plan to isolate or replace the affected component.
Detected presence of malware-exploited vulnerabilities.
Causes risk: malware exploited vulnerabilities
vulnerabilities
Problem
Software composition analysis has identified a component with one or more known vulnerabilities. Available threat intelligence telemetry has confirmed that the reported vulnerabilities are actively being exploited by malicious actors. Malware code that propagates through these vulnerabilities has been created. This increases the chance of automated malware attacks affecting the software component users.
Prevalence in Visual Studio Code community
No prevalence information at this time
Next steps
We strongly advise updating the component to the latest version.
If the update can't resolve the issue, create a plan to isolate or replace the affected component.
Top behaviors
Disables showing hidden files.
stealth
Prevalence in Visual Studio Code community
No behavior prevalence information at this time
Retrieves the name of the user associated with the process.
search
Prevalence in Visual Studio Code community
No behavior prevalence information at this time
Deletes the value of a registry key.
registry
Prevalence in Visual Studio Code community
No behavior prevalence information at this time
Deletes a registry key and its values.
registry
Prevalence in Visual Studio Code community
No behavior prevalence information at this time
Modifies file/directory permissions.
permissions
Prevalence in Visual Studio Code community
No behavior prevalence information at this time
Top vulnerabilities
Vulnerability Exploitation Lifecycle (96 Active Vulnerabilities)
Exploits Unknown: 51 (49 Fixable)
CVE-2016-0705c
CVE-2016-0799c
CVE-2016-2177c
Exploits Exist: 45 (44 Fixable)
CVE-2014-9911c
CVE-2016-6293c
CVE-2016-7415c
Exploited by Malware: 4 (4 Fixable)
CVE-2019-11358m
CVE-2020-11022m
CVE-2020-11023m
Patching Mandated: 1 (1 Fixable)
CVE-2020-11023m