Follow
Microsoft knows that VS Code extensions are being weaponised to distribute malware, but they have now native way at all to tell what extensions are installed across a domain & no way to restrict what extensions may be installed. That's a massive fail.
Cobbled together 2 PowerShell scripts to give us insight on what we're dealing with, so now at least we can see what extensions we have installed out there.
@jfparis You can control Chrome, Edge or Firefox extensions via GPO, so there's no reason why a native MS product doesn't have that same support.
@WilliamNB @jfparis absolutely
@WilliamNB
Supply chain management (or lack thereof)