Jump to content
Login new information ×
Login new information
  • Software News

    Senior Microsoft exec admits mistakenly removing VSCode extensions used by "millions"

    Karlston

    By Karlston,
    Published Date:

    • 173 views
    • 2 minutes
     Share
    • 173 views
    • 2 minutes

    Earlier today, we covered the incident of Microsoft Defender flagging the Winring0 driver inside PC monitoring and fan control apps as malicious. Although at first glance it may seem like an obvious false positive, turns out there is more to the story.

     

    However, that is not the case with a couple of Visual Studio Code (VSCode) extensions that were earlier removed by Microsoft from the Visual Studio marketplace after they were marked as potentially harmful.

     

    The problem mainly occurred as there was a lot of obfuscation in the code of two themes namely "Material Theme – Free" and "Material Theme Icons – Free". Obfuscated code is a technique fairly commonly used by threat actors so it is natural that Microsoft was on red alert about it.

     

    Turns out though, that the obfuscation was not out of any ill intent and after realizing this, Microsoft's Scott Hanselman, the Vice President at Microsoft for Developer Community, has thoroughly apologized for the inconvenience and the two extensions have since been restored on the marketplace. Hanselman writes:

     

    False positives suck, and it hurts when it happens.

     

    The publisher account for Material Theme and Material Theme Icons (Equinusocio) was mistakenly flagged and has now been restored. In the interest of safety, we moved fast and we messed up. We removed these themes because they fired off multiple malware detection indicators inside Microsoft, and our investigation came to the wrong conclusion. We care deeply about the security of the VS Code ecosystem, and acted quickly to protect our users.

     

    I understand that the "Equinusocio" extensions author's frustration and intense reaction, and we hear you. It's bad but sometimes things like this happen. We do our best - we're humans, and we hope to move on from this We will clarify our policy on obfuscated code and we will update our scanners and investigation process to reduce the likelihood of another event like this.
    These extensions are safe and have been restored for the VS Code community to enjoy.

    You can find the issue here on the Visual Studio Marketplace's official GitHub repo.

     

    Source

    Hope you enjoyed this news post.

    Thank you for appreciating my time and effort posting news every day for many years.

    News posts... 2023: 5,800+ | 2024: 5,700+ | 2025 (till end of February): 874

    RIP Matrix | Farewell my friend  :sadbye:

    • Djx1 and DLord
    • Like 2
     Share
    Go to news

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...