A disturbing thing about this is the blog makes it appear Microsoft misunderstands the severity and isn't going to patch it:
> Vendor’s reply “this case has been assessed as low severity and does not meet MSRC’s bar for immediate servicing due to RCE is no longer possible without extensive user interaction (i.e., accepting a save prompt to a location controlled by an attacker).”
Meanwhile, the blog includes a video demonstrating the exploit where no such user interaction is involved. You just open a folder containing the 3rd-party code, and even if you tell VS Code you don't trust this folder, you get owned the moment you view the Jupyter .ipynb file in it.
ytpete•8mo ago
> Vendor’s reply “this case has been assessed as low severity and does not meet MSRC’s bar for immediate servicing due to RCE is no longer possible without extensive user interaction (i.e., accepting a save prompt to a location controlled by an attacker).”
Meanwhile, the blog includes a video demonstrating the exploit where no such user interaction is involved. You just open a folder containing the 3rd-party code, and even if you tell VS Code you don't trust this folder, you get owned the moment you view the Jupyter .ipynb file in it.