CVE-2025-64660 – GitHub Copilot and VS Code Remote Code Execution

CVE-2025-64660 in GitHub Copilot and Visual Studio Code allows remote code execution when a user opens a malicious repository and requests Copilot assistance on a trusted file. The vulnerability affects Copilot integrations in supported VS Code builds, enabling an attacker with low privileges and network access to trigger arbitrary code in the developer’s environment, mapped to MITRE ATT&CK T1204 (User Execution) and T1059 (Command and Scripting Interpreter). Microsoft rates the flaw as "Important" with a CVSS 3.1 base score of 8.0, and notes that exploitation requires user interaction and an authenticated attacker able to plant a crafted file in the target repo. The core issue is improper access control around how Copilot handles content from repositories that a user has explicitly trusted within Visual Studio Code. An attacker who can commit a malicious file to a repo, or compromise a maintainer account, can craft content that is later executed when the victim invokes Copilot on that file. Because developers often run VS Code with broad system access and elevated permissions, a successful exploit can pivot from a single project into the wider workstation, CI tooling, or cloud credentials cached on the host. This makes developer desktops and build servers attractive entry points into software supply chains. From a business perspective, compromise of a Copilot-enabled IDE can lead directly to source code theft, credential harvesting, build pipeline tampering, or insertion of backdoors into released software. Organizations regulated under GDPR, SOC 2, PCI-DSS, or sector rules for financial and healthcare data face heightened risk if developer endpoints also hold access tokens, secrets, or customer data. While Microsoft reports no public exploitation and labels exploitability as "less likely," the combination of network reachability, low privileges, and user interaction means the threat should be treated as a priority hardening item. Microsoft has released official fixes and updated guidance through its Security Update Guide, recommending that all supported Copilot and Visual Studio Code installations apply the latest patches. Security teams should enforce least-privilege configurations for developer accounts, revoke and rotate any exposed access tokens, and deploy endpoint detection tuned to IDE and Copilot processes. Where possible, isolate high-risk development workloads in hardened VMs or containers and monitor for unusual repository file changes that may signal an intrusion staging an exploit for CVE-2025-64660.